www.herald-dispatch.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heralddispatch.com/
Effective URL:
https://www.herald-dispatch.com/
Submission: On October 07 via api (October 7th 2022, 2:24:44 pm UTC) from US — Scanned from DE

Summary HTTP 301 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 40 domains to perform 301 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.herald-dispatch.com. The Cisco Umbrella rank of the primary domain is 529780.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on September 13th 2022. Valid for: 3 months.

This is the only time www.herald-dispatch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 11	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
41	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	13.32.105.95 13.32.105.95	16509 (AMAZON-02) (AMAZON-02)
23	35.175.7.63 35.175.7.63	14618 (AMAZON-AES) (AMAZON-AES)
21	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	44.194.179.148 44.194.179.148	14618 (AMAZON-AES) (AMAZON-AES)
1	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:f400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	44.193.125.215 44.193.125.215	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.111.9.57 23.111.9.57	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
20	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
12	54.92.238.99 54.92.238.99	14618 (AMAZON-AES) (AMAZON-AES)
6	108.138.17.105 108.138.17.105	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	5.79.106.138 5.79.106.138	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:303... 2606:4700:3031::ac43:bced	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
4	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
2	52.217.90.204 52.217.90.204	16509 (AMAZON-02) (AMAZON-02)
28	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	34.247.1.169 34.247.1.169	16509 (AMAZON-02) (AMAZON-02)
301	55

11 192.104.183.109 (United States) 3 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.heralddispatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
herald-dispatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.herald-dispatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 104.16.133.24 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.105.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-105-95.fra60.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 35.175.7.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-7-63.compute-1.amazonaws.com

heralddispatch.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
antifraudjs.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.194.179.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-179-148.compute-1.amazonaws.com

wvcarfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.125.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-125-215.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.57 (United States)

ASN33438 (STACKPATH, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.92.238.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-238-99.compute-1.amazonaws.com

analytics-prd.aws.wehaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.17.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-105.fra56.r.cloudfront.net

cars-static.wehaacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.79.106.138 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: d2.adspeed.us

g.adspeed.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:bced (United States)

ASN13335 (CLOUDFLARENET, US)

adserver.paywallproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.90.204 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

friends2follow-us.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.1.169 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 26322	543 KB
34	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170	952 KB
33	twimg.com abs.twimg.com — Cisco Umbrella Rank: 1910 abs-0.twimg.com — Cisco Umbrella Rank: 2428 pbs.twimg.com — Cisco Umbrella Rank: 673	93 KB
27	twitter.com platform.twitter.com — Cisco Umbrella Rank: 991 syndication.twitter.com — Cisco Umbrella Rank: 1241	1 MB
23	friends2follow.com heralddispatch.friends2follow.com tracking.friends2follow.com — Cisco Umbrella Rank: 120559 antifraudjs.friends2follow.com — Cisco Umbrella Rank: 194837	303 KB
20	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 64748	2 MB
20	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	189 KB
12	wehaa.net analytics-prd.aws.wehaa.net — Cisco Umbrella Rank: 482387	3 KB
10	herald-dispatch.com 2 redirects herald-dispatch.com — Cisco Umbrella Rank: 502272 www.herald-dispatch.com — Cisco Umbrella Rank: 529780	119 KB
9	google.com ampcid.google.com — Cisco Umbrella Rank: 2411 adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19 apis.google.com — Cisco Umbrella Rank: 232	42 KB
6	wehaacdn.com cars-static.wehaacdn.com — Cisco Umbrella Rank: 388274	187 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	265 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 2553	38 KB
4	maxcdn.com twemoji.maxcdn.com — Cisco Umbrella Rank: 10942	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 391 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750	48 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	240 KB
3	fbcdn.net scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 7973	77 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	3 KB
3	adspeed.net g.adspeed.net — Cisco Umbrella Rank: 103671	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	11 KB
3	gstatic.com fonts.gstatic.com	132 KB
3	wvcarfinder.com wvcarfinder.com	39 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1563 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096	12 KB
2	amazonaws.com friends2follow-us.s3.amazonaws.com — Cisco Umbrella Rank: 174909	35 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5221 ampcid.google.de — Cisco Umbrella Rank: 37983	1 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1743 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1864	574 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1477 id5-sync.com — Cisco Umbrella Rank: 642	17 KB
2	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 65501 p.cityspark.com — Cisco Umbrella Rank: 49052	14 KB
1	paywallproject.com adserver.paywallproject.com	124 KB
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 62946	61 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	420 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1339	201 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 977	30 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1597	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	connatix.com cdn.connatix.com — Cisco Umbrella Rank: 18676
1	heralddispatch.com 1 redirects www.heralddispatch.com	167 B
301	40

	Domain	Requested by
41	bloximages.newyork1.vip.townnews.com	www.herald-dispatch.com heralddispatch.friends2follow.com
28	pbs.twimg.com	syndication.twitter.com platform.twitter.com
21	platform.twitter.com	www.herald-dispatch.com platform.twitter.com syndication.twitter.com
20	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net www.herald-dispatch.com d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
20	citysparkstorage.blob.core.windows.net	www.herald-dispatch.com
17	heralddispatch.friends2follow.com	www.herald-dispatch.com heralddispatch.friends2follow.com
16	securepubads.g.doubleclick.net	www.herald-dispatch.com securepubads.g.doubleclick.net www.googletagservices.com d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
12	analytics-prd.aws.wehaa.net	wvcarfinder.com
12	pagead2.googlesyndication.com	www.herald-dispatch.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	www.herald-dispatch.com	1 redirects www.herald-dispatch.com
6	cars-static.wehaacdn.com	wvcarfinder.com code.jquery.com
6	www.googletagservices.com	securepubads.g.doubleclick.net d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
6	syndication.twitter.com	platform.twitter.com www.herald-dispatch.com syndication.twitter.com
5	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.segment.com	www.herald-dispatch.com cdn.segment.com
4	abs-0.twimg.com	syndication.twitter.com platform.twitter.com
4	twemoji.maxcdn.com	heralddispatch.friends2follow.com
4	tracking.friends2follow.com	heralddispatch.friends2follow.com www.herald-dispatch.com
4	fonts.googleapis.com	heralddispatch.friends2follow.com client code.jquery.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.herald-dispatch.com wvcarfinder.com
4	www.googletagmanager.com	www.herald-dispatch.com www.googletagmanager.com
3	scontent-iad3-1.xx.fbcdn.net	www.herald-dispatch.com
3	www.facebook.com	heralddispatch.friends2follow.com
3	g.adspeed.net	d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com g.adspeed.net
3	cdnjs.cloudflare.com	cdn.cityspark.com code.jquery.com bloximages.newyork1.vip.townnews.com
3	fonts.gstatic.com	fonts.googleapis.com
3	wvcarfinder.com	www.herald-dispatch.com wvcarfinder.com code.jquery.com
3	c.amazon-adsystem.com	www.herald-dispatch.com c.amazon-adsystem.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	friends2follow-us.s3.amazonaws.com	www.herald-dispatch.com
2	apis.google.com	heralddispatch.friends2follow.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	antifraudjs.friends2follow.com	heralddispatch.friends2follow.com
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	abs.twimg.com	platform.twitter.com
1	adserver.paywallproject.com	d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
1	csp.azureedge.net	cdn.cityspark.com
1	ampcid.google.de	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ampcid.google.com	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	ping.chartbeat.net	www.herald-dispatch.com
1	code.jquery.com	wvcarfinder.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	px4.ads.linkedin.com	www.herald-dispatch.com
1	www.linkedin.com	1 redirects
1	static.chartbeat.com	www.herald-dispatch.com
1	cdn.id5-sync.com	www.herald-dispatch.com
1	snap.licdn.com	www.herald-dispatch.com
1	p.cityspark.com	cdn.cityspark.com
1	cdn.cityspark.com	www.herald-dispatch.com
1	cdn.connatix.com	www.herald-dispatch.com
1	tags.crwdcntrl.net	www.herald-dispatch.com
1	herald-dispatch.com	1 redirects
1	www.heralddispatch.com	1 redirects
301	61

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
heralddispatch.newzware.com
www.waynecountynews.com
herald-dispatch.newsbank.com
portal.cityspark.com
www.instagram.com
www.hdclassifieds.com
wvlegals.com
herald-dispatch.adperfect.com
www.facebook.com
twitter.com
instagram.com
www.wvgazettemail.com
wa.me
hdmediallc.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
herald-dispatch.com ZeroSSL ECC Domain Secure Site CA	`2022-09-13` - `2022-12-12`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
friends2follow.com Amazon	`2021-11-11` - `2022-12-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
autoevents.aws.wehaa.net Amazon	`2022-08-18` - `2023-09-16`	a year	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.aws.wehaa.net Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.wehaacdn.com Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adspeed.net Sectigo RSA Domain Validation Secure Server CA	`2022-07-13` - `2023-08-01`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-16` - `2022-10-14`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.herald-dispatch.com/
Frame ID: 87AA2E11B495C82B058363EE7B164ED7
Requests: 124 HTTP requests in this frame

Frame: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
Frame ID: 356EB7649A6DF9716E85136FA25EC983
Requests: 23 HTTP requests in this frame

Frame: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
Frame ID: 56366A216AE0ED1A69EFF23209CAD3EA
Requests: 35 HTTP requests in this frame

Frame: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Frame ID: B88C914D00B16CDD92F79562C36FA458
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.herald-dispatch.com
Frame ID: C6D8028F49E83AB618CD8877FDE4F124
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: CC5649EEC4179A804775DBA2588BB856
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7816267718295528&output=html&adk=1812271804&adf=3025194257&lmt=1665151256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665152675841&bpp=4&bdt=546&idt=318&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2941000625481&frm=20&pv=2&ga_vid=718849610.1665152676&ga_sid=1665152676&ga_hid=1093172635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31068919&oid=2&pvsid=843843567629664&tmod=1064046313&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=351
Frame ID: C1721A6FC013A311F8163A21C6FAE1A2
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Frame ID: 49E5287A7B5F0F3A0CE2C4C877CB18F2
Requests: 49 HTTP requests in this frame

Frame: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 43F38279D27221A2949C465684264DE3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttpdGhAV7TV8cxE8x8btmNr-8MQ3I9fd6Ruvws3cXRN9a7kimox0KOEMhYkRCV7Wa2q3NoYu_JazBg2xvdWH_kSzx7D1Yyw4E-_XRC4Q6_pt8NieiP1UF8Ue_O7Jv1jb5juD-Uv3LyxFMxxaK8e27bNMSk4mjrK9je64Tp8RxUctQg4oDs-CzBk6tbARzZQd9H3Eos-Qft1ZR-m4dRweNaaTWhSorH5hjwrhDRou_QtZ0ASPyqA3q2eKxIFXzt1yS9wAx1ZGRITlXZXVf1os31PwKfmplw7pFQtr5elsuAsEHYzM8MTyiJtJJfYKjJ6Czu8zIpLgQyS7Liph3jQEstumtSUF4bHSUM6vCzPg&sai=AMfl-YTmXTVPYh-UeRzFo096wuLHK28DHkqBBAps172rdnUw4MOG0N-NLPl1wgpHntkQXdYSH83YAcSNZMHb5XZQqOsqMHFcsmTkMdBujF12huEzwpRF_rsz6t981LOdOJBUcpFC&sig=Cg0ArKJSzBSrnEUksriyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A76B8BE1231489765D945F459F4440D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7l7dKmlomZIBERwvPGDcjp_-qL95myv8AG5eu0Dlio6vaC2PuVqidI4ZkeI7fBc7nIN5nm3BZPTUjS_6se90a1joVz_OQefaCGtDT_xMxiqR7gV38dPZK6dGwK2WmDV1RclmFgxWaFUwhbDmsC4IVbdun36k_a7jJRRP14d-EnouTE1tAyR5DZT8S-N7YhXzG2oC1w5JmWPct4dq-NdejcsXfWgyLmXEIPYE9sy60J96OlHCiweyBoLW1BOJipO7Dzb3yt2KusI6ADYBXmjjPZd55ucGPkPNU-Z_QIjnWinJ09TNoWl00U0MrN5Vi4rsNj6EIYLvTxdBO31okN5pNMEwlW7p3xb0dJg&sai=AMfl-YT2UGCBHr7DsD7PdC5K8h4X5hV6yCCBYOJakxzAEPJ97NF1f9momLoHdN-OIqQpX5MsyPN1-N4dabhJXFOQm-Wm3wj-3a4stjtxMpTDvsKsGUp4MCRljVJ1i2MoibnzT-gw&sig=Cg0ArKJSzEw5-MdQrrATEAE&uach_m=[UACH]&adurl=
Frame ID: 091EC1FC58DB688B535A5966FCB4835C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9goOb68fSgQsn8OAXj0RBNizzH1S3TolH6-YcDRC9Sj_PBySIqxIhGA0QTT_-eKUOa2RmpMik3C75QjeggrXqDfR7E7cOvw0CJQQ1xh67pJbmeXFk6WW6oOSt6jmZiH6P-nflpuZOLbWjnwWYSgAPjJLR43smOD-X7dy4-sJ3k0Hct9A7Tvl1PFwy6EKPeVlIDWB1WtBpoP0yVGFw6NBjMKDkI7nhHJi4PRjPFvcC23WW9xkQ2DkU7uHW92CtUu9msMVNdItmI0CCEP2L0pN4DWnOjdEZBgFkjJKhTlAh3WePY2yzFc16ANq_XZH3SxD-EjAcQ2-yOIdK6wBY9MmILhOx24tMC8qg0g&sai=AMfl-YRHadE75lq4zsywV_poOEXweTSvteT9OBYV5eRCuWJqQcuzupFkQOuIAHsJTGQBbe-DkumzoGfwGhOjJP6nHgHwUIU_cpwH91U7BEhuXbPZUsQUibprMiKoYn_2KDfo2lN7&sig=Cg0ArKJSzJHYYZZGiCNBEAE&uach_m=[UACH]&adurl=
Frame ID: C4439E29124291D05542278650929251
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQyib6YDIAT5g4r5tau6TtUjwapElFjwivgrDLMEXseIuluTKl-1ZMNnSMfZnpcDfhdbtcF-fjw2M29qDNHtDiyrDdhRq-Cbecy2Pjbcf7gvTQNAmRvj944udBYKpiCCKoWFdSxFpw2_stPiIa07TEWY0-UGZ6ngu3zXcD68KCl0Qmi6UM0SPAFldlw4dQF7_aPKfpRogL4u58U2p_Z5-NMKDY_zbW0Pwg8lSprlWeceRIyqyT4rYZ_OeaTtxp3d3iNT4f3HcPC5Am_lGUBu8kXBO4BKHjrm2EDFpswIAFCqKgriR2eqcQ90EmMSlyLPsXS0mnYmDIkDCgLofoKGNvDgg9tMU_Gyeh3k3nOw&sai=AMfl-YQjVpTUrlb0crpJOWKB_7n0ESSdJ5o09005rfKemGdMzc3XHNv-I4-sqzDVkdGz37M3A75ZP30AE9A5LLDP07nkXAPxftV6168o42A_CbNbrd7UYZ6H7QiAaXC-C7iiwb2T&sig=Cg0ArKJSzIj1v9h8THBeEAE&uach_m=[UACH]&adurl=
Frame ID: 78BAED2CB0B18BBF427C00B79DD4FCED
Requests: 9 HTTP requests in this frame

Frame: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5B8466689AEF703208122135F554FD0
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_K9Ix-LT4UqnwFbeO-YqQfYTjXclciaf5gE3atPXvNNihjCVNHvp43XppYfrKoMa4BuCNs3jdpm-8ss8-NRIIG08PxGINhWV5y7NYKYaMM4JAGQH9V68oZYRNt5sfyIDg4GFWOSoJGvWDQt0ClkRU2UHSlyYGjvxe1679doPd8fFTAhDCWft5Vuazv1CQlbCRQkZjQyyCZPcNiH1fh2b5O6nEZMQw8qjNnYu6927iGd6O0rYq1hR0g6ENb5dUHN0B17t9SI0vVfvBwbJyZFGEJcY6HPM94nHYoyMnHPj8-jU0I5236VuQUA7m7gcgmC6fclJ5Y-gi23WnIaVsD-2jTMCP1nHU3t4HYQ&sai=AMfl-YSIEpdgSntu35QyRTMupFl0I8jFMDPic0Cz5wDIHdQIdidxLyXko-PS9xKU11jiRGlDfwYf9ujvh2DRZsbdM88rv0-v-cL3Xs0WxFCycyByzb6-F2H1iOGNpdp9ojjmMzV5&sig=Cg0ArKJSzKyj1yCSSOsxEAE&uach_m=[UACH]&adurl=
Frame ID: 8C79ABF2631AD9DE4ADD4ABACEEC942D
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com
Frame ID: DB47EF45A3337091402E97B8CC1493D2
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com
Frame ID: 63F4F46ED9CC809328D4A921F3E3AC4C
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F418184251531752&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 4540506EEE53056DD2249049E47FE2D9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F1648105645259454&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 9DE67FA1C9822E7FE7E6AC0DEE4F0114
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F112485035462394&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: B8D6E14943A33E826B4352DEE10D1A06
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr
Frame ID: 31463CAA6C51005334A8CB33DD93DCC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED51D7CA3A46A6A05F4E0E0ABBA7BA3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86F660E800BE8DB12B155638BB05C646
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

herald-dispatch.comArticle with imagesArticle with imagesArticle with imagesImage galleryImage galleryImage galleryImage galleryImage galleryArticle with imagesArticle with imagesArticlesCollectionsArrow LeftArrow Right

Page URL History Show full URLs

http://www.heralddispatch.com/ HTTP 301
http://herald-dispatch.com/ HTTP 301
https://www.herald-dispatch.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

301
Requests

99 %
HTTPS

58 %
IPv6

40
Domains

61
Subdomains

55
IPs

7
Countries

6441 kB
Transfer

13939 kB
Size

23
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssjTa-HzFKC6SefgvkfdYuYkB2ob5JEWK3BC3gZaCbdtWTQjaGnuf_WgjO9uM4SmMOJ0L5RlINdP-TnQB53KljF7_h5H-rxUGXN6ccwp9CUK066KsrsxK8I4ER2k_kcEbdPMvWUF--NbncUUiDeJ1trckixHxrlO0D6LExtk_Ra3wUhcPkzSgynDVbGBlHVVftbtyU0vJR78hvoZI14gaKtJvcc0SsyL8m0H3pAs36kMguIQLs2IiIM4g7ttV7zNgvmgjeHPtB-bF15S1hvQyP_6x4OpQIo4N7VSbq7gSLAgDGDJvjMxO8Vto7EyAR6LpHFPWRSOhIE24N78N-_ziMgZBKCXqtXSw%2526sai%253DAMfl-YT-DgofemUJnqh-VdV7XqhPnaqWvmFySCZMAifteRB418R2Dq-x8AG4RLvgU2q1Xh7ixDxsQwFtxJLK5N4UkBCuM2Taf9lAL595rqv2DffMB5gt7g8Kz3AFmUdIaD72CZQh%2526sig%253DCg0ArKJSzOrfDiZm1fW5EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://www.huntingtonfederal.com/about/convenient-locations/?utm_source=herald_dispatch_website&utm_medium=display&utm_campaign=24_mo_cd&utm_content=rates_are_rising

Search URL Search Domain Scan URL

URL: https://heralddispatch.newzware.com/ss70v2/huntin02/common/template.jsp?nwmodule=sso&init=nonsub&nwpage=sso&rpage=https%3A%2F%2Fwww.herald-dispatch.com%2Ftncms%2Fauth%2Fbegin%2F%3Fprovider%3DNewzware%26return%3Dhttps%253A%252F%252Fwww.herald-dispatch.com%252F
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.waynecountynews.com/
Title: Wayne County News

Search URL Search Domain Scan URL

URL: https://herald-dispatch.newsbank.com/
Title: Digital Archives

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/add/event/TheHeraldDispatch
Title: Promote Your Event

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heralddispatch/
Title: HD on Instagram

Search URL Search Domain Scan URL

URL: https://heralddispatch.newzware.com/ss70v2/huntin02/common/template.jsp
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.hdclassifieds.com/huntington/rentals/search
Title: For Rent

Search URL Search Domain Scan URL

URL: https://www.hdclassifieds.com/huntington/merchandise/search
Title: Items for Sale

Search URL Search Domain Scan URL

URL: https://wvlegals.com/author/herald_dispatch/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://herald-dispatch.adperfect.com/
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theheralddispatch
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/heralddispatch/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/heralddispatch/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.wvgazettemail.com/live/outside_the_echo_chamber/

Search URL Search Domain Scan URL

URL: https://www.wvgazettemail.com/sports/lowe_pod/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fbond-increased-for-ohio-man-who-cut-off-ankle-monitor-before-trial%2Farticle_ebdc2af8-501e-5fbe-8013-0bd6239703c5.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Bond%20increased%20for%20Ohio%20man%20who%20cut%20off%20ankle%20monitor%20before%20trial&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fbond-increased-for-ohio-man-who-cut-off-ankle-monitor-before-trial%2Farticle_ebdc2af8-501e-5fbe-8013-0bd6239703c5.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/news/bond-increased-for-ohio-man-who-cut-off-ankle-monitor-before-trial/article_ebdc2af8-501e-5fbe-8013-0bd6239703c5.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2F6th-street-bridge-to-be-painted-in-spring-2023%2Farticle_6d5a6d26-3b74-53f1-94f9-99f60c383764.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=6th%20Street%20bridge%20to%20be%20painted%20in%20spring%202023&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2F6th-street-bridge-to-be-painted-in-spring-2023%2Farticle_6d5a6d26-3b74-53f1-94f9-99f60c383764.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/news/6th-street-bridge-to-be-painted-in-spring-2023/article_6d5a6d26-3b74-53f1-94f9-99f60c383764.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Flawrence-commissioners-ok-manual-for-county-employees%2Farticle_beb8d897-0ce9-55bc-8ead-abbc02f36e87.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Lawrence%20commissioners%20OK%20manual%20for%20county%20employees&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Flawrence-commissioners-ok-manual-for-county-employees%2Farticle_beb8d897-0ce9-55bc-8ead-abbc02f36e87.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/news/lawrence-commissioners-ok-manual-for-county-employees/article_beb8d897-0ce9-55bc-8ead-abbc02f36e87.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fe-cigarette-use-remains-prominent-in-middle-high-schools%2Farticle_843268f0-0170-5835-9979-74051ca3ebbd.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=E-cigarette%20use%20remains%20prominent%20in%20middle%2C%20high%20schools&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fe-cigarette-use-remains-prominent-in-middle-high-schools%2Farticle_843268f0-0170-5835-9979-74051ca3ebbd.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/news/e-cigarette-use-remains-prominent-in-middle-high-schools/article_843268f0-0170-5835-9979-74051ca3ebbd.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://hdmediallc.com/2021-senior-resource-guide/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Fcovid-transmission-level-drops-in-region%2Farticle_82eaca1b-2140-5521-b4d1-b77581d406bd.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=COVID%20transmission%20level%20drops%20in%20region&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Fcovid-transmission-level-drops-in-region%2Farticle_82eaca1b-2140-5521-b4d1-b77581d406bd.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/coronavirus/covid-transmission-level-drops-in-region/article_82eaca1b-2140-5521-b4d1-b77581d406bd.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Factive-covid-cases-drop-in-west-virginia%2Farticle_2e343c3b-17aa-57fa-ad23-eaf11e938309.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Active%20COVID%20cases%20drop%20in%20West%20Virginia&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Factive-covid-cases-drop-in-west-virginia%2Farticle_2e343c3b-17aa-57fa-ad23-eaf11e938309.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/coronavirus/active-covid-cases-drop-in-west-virginia/article_2e343c3b-17aa-57fa-ad23-eaf11e938309.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Fwest-virginia-reports-42-new-covid-deaths%2Farticle_c5c63bcd-603a-5a52-a534-da869b144536.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=West%20Virginia%20reports%2042%20new%20COVID%20deaths&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fcoronavirus%2Fwest-virginia-reports-42-new-covid-deaths%2Farticle_c5c63bcd-603a-5a52-a534-da869b144536.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/coronavirus/west-virginia-reports-42-new-covid-deaths/article_c5c63bcd-603a-5a52-a534-da869b144536.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Ffeatures_entertainment%2Fjanet-mccormick-warm-spices-make-this-soup-a-bowl-of-comfort%2Farticle_c1f09842-fd06-56e0-80a7-9b41dc03fd31.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Janet%20McCormick%3A%20Warm%20spices%20make%20this%20soup%20a%20bowl%20of%20comfort&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Ffeatures_entertainment%2Fjanet-mccormick-warm-spices-make-this-soup-a-bowl-of-comfort%2Farticle_c1f09842-fd06-56e0-80a7-9b41dc03fd31.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/features_entertainment/janet-mccormick-warm-spices-make-this-soup-a-bowl-of-comfort/article_c1f09842-fd06-56e0-80a7-9b41dc03fd31.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Ffeatures_entertainment%2Fholiday-romance-movie-filmed-at-the-greenbrier-to-debut-thanksgiving-day%2Farticle_7b80bab3-5038-54a3-af71-5ca94c447c3b.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Holiday%20romance%20movie%20filmed%20at%20The%20Greenbrier%20to%20debut%20Thanksgiving%20Day&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Ffeatures_entertainment%2Fholiday-romance-movie-filmed-at-the-greenbrier-to-debut-thanksgiving-day%2Farticle_7b80bab3-5038-54a3-af71-5ca94c447c3b.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/features_entertainment/holiday-romance-movie-filmed-at-the-greenbrier-to-debut-thanksgiving-day/article_7b80bab3-5038-54a3-af71-5ca94c447c3b.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2F_zapp%2Fwatch-extreme-athletes-jump-off-the-new-river-gorge-bridge-at-next-weekends-bridge-day%2Farticle_0cd54680-26ff-5b9d-94ff-1f8b6280ab74.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Watch%20extreme%20athletes%20jump%20off%20the%20New%20River%20Gorge%20Bridge%20at%20next%20weekend%27s%20Bridge%20Day%20festival&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2F_zapp%2Fwatch-extreme-athletes-jump-off-the-new-river-gorge-bridge-at-next-weekends-bridge-day%2Farticle_0cd54680-26ff-5b9d-94ff-1f8b6280ab74.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/_zapp/watch-extreme-athletes-jump-off-the-new-river-gorge-bridge-at-next-weekends-bridge-day/article_0cd54680-26ff-5b9d-94ff-1f8b6280ab74.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Flate-push-sends-georgia-southern-past-herd-2-0%2Farticle_6a8828a9-dffc-50ea-a064-2b298c304a20.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Late%20push%20sends%20Georgia%20Southern%20past%20Herd%2C%202-0&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Flate-push-sends-georgia-southern-past-herd-2-0%2Farticle_6a8828a9-dffc-50ea-a064-2b298c304a20.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/sports/late-push-sends-georgia-southern-past-herd-2-0/article_6a8828a9-dffc-50ea-a064-2b298c304a20.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Ffeaganes-makes-hole-in-one-at-sugarwood%2Farticle_8b80e556-fb02-58c6-bf56-538443be1ea8.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Feaganes%20makes%20hole%20in%20one%20at%20Sugarwood&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Ffeaganes-makes-hole-in-one-at-sugarwood%2Farticle_8b80e556-fb02-58c6-bf56-538443be1ea8.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/sports/feaganes-makes-hole-in-one-at-sugarwood/article_8b80e556-fb02-58c6-bf56-538443be1ea8.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Fmcclure-aces-no-12-at-riverside%2Farticle_990ddaa4-e80a-56e0-9686-400604147126.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=McClure%20aces%20No.%2012%20at%20Riverside&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fsports%2Fmcclure-aces-no-12-at-riverside%2Farticle_990ddaa4-e80a-56e0-9686-400604147126.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/sports/mcclure-aces-no-12-at-riverside/article_990ddaa4-e80a-56e0-9686-400604147126.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fopinion%2Fjim-ross-larson-watterson-still-snubbed-by-nobel-committee%2Farticle_8c7d6339-2007-5023-a48a-11325b443d3e.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Jim%20Ross%3A%20Larson%2C%20Watterson%20still%20snubbed%20by%20Nobel%20committee&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fopinion%2Fjim-ross-larson-watterson-still-snubbed-by-nobel-committee%2Farticle_8c7d6339-2007-5023-a48a-11325b443d3e.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/opinion/jim-ross-larson-watterson-still-snubbed-by-nobel-committee/article_8c7d6339-2007-5023-a48a-11325b443d3e.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Fbusiness%2Flawrence-county-celebrates-manufacturers%2Farticle_22430996-384e-5212-a449-5dbeb23cb5d5.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Lawrence%20County%20celebrates%20manufacturers&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fbusiness%2Flawrence-county-celebrates-manufacturers%2Farticle_22430996-384e-5212-a449-5dbeb23cb5d5.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/business/lawrence-county-celebrates-manufacturers/article_22430996-384e-5212-a449-5dbeb23cb5d5.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/TheHeraldDispatch
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://twitter.com/heralddispatch
Title: Twitter

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heralddispatch.com/ HTTP 301
http://herald-dispatch.com/ HTTP 301
https://www.herald-dispatch.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.herald-dispatch.com/tncms/media/thumbnail_candidatenewsbannerv2/ HTTP 302
https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/a/b1/ab1c5878-b1e5-11ec-aff4-d34383d0c64f/62473dd3c437d.image.jpg?resize=378%2C78

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4136466%26time%3D1665152675919%26url%3Dhttps%253A%252F%252Fwww.herald-dispatch.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true&e_ipv6=AQKHI-s03CBqngAAAYOy1XNfGQewVB11r3YP7K2bVE62xSO7v6bwclmcrXrYvJbr3iNAm5g2

Request Chain 218

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCEr-bQVhABGAEyCM-R4PJsyDmc HTTP 301
https://tpc.googlesyndication.com/simgad/13495212211061845771

Request Chain 219

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCEr4bAXxABGAEyCCmx6kL34IPv HTTP 301
https://tpc.googlesyndication.com/simgad/9965562390043455076

Request Chain 303

https://bcp.crwdcntrl.net/5/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr

301 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herald-dispatch.com/
Redirect Chain

http://www.heralddispatch.com/
http://herald-dispatch.com/
https://www.herald-dispatch.com/

401 KB
61 KB

380ms
178ms

Document
text/html

192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

9f948964d21a572179f5c66287338ad0cbea0d9c96f19ef74703affd5add3a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1418
cache-control: public, max-age=10
content-encoding: gzip
content-length: 60259
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:00:56 GMT
etag: W/71c8da56264165413e3faace67204d1c
last-modified: Fri, 07 Oct 2022 14:00:56 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.64.0; app2; 0.59s; 6.6M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://www.herald-dispatch.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

age: 170
cache-control: public, max-age=300
content-encoding: gzip
content-length: 1811
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:21:44 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: https://www.herald-dispatch.com/
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.64.1; app15; 0.01s; 1.3M
x-vcache: HIT
x-xrds-location: https://www.herald-dispatch.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 84ms
41ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9176348
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec39bb71-FRA
expires: Wed, 31 Aug 2022 19:01:52 GMT

GET
H2 200 user.js Show response
www.herald-dispatch.com/shared-content/art/tncms/user/ 12 KB
4 KB 96ms
95ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:20:22 GMT
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 20:53:09 GMT
x-vcache: HIT
age: 253
etag: W/"633f4035-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 98ms
56ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 181234
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec1abb71-FRA
expires: Thu, 25 May 2023 05:59:40 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
13 KB 108ms
65ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 366518
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Sep 2022 13:14:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63232551-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec20bb71-FRA
expires: Fri, 22 Sep 2023 23:04:04 GMT

GET
H2 200 tnt.cfb7b302c42616744a59428baa754111.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 22 KB
6 KB 79ms
36ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 366518
cross-origin-resource-policy: cross-origin
last-modified: Tue, 12 Jul 2022 17:52:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62cdb4c2-580e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec1cbb71-FRA
expires: Wed, 13 Sep 2023 19:01:13 GMT

GET
H2 200 application.81be8dcdc3040973d38ec593fcfe8805.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 92ms
50ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2052870
cross-origin-resource-policy: cross-origin
last-modified: Fri, 09 Sep 2022 13:51:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"631b44d1-113a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec29bb71-FRA
expires: Wed, 13 Sep 2023 19:01:13 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
968 B 90ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 955492
last-modified: Thu, 23 Jun 2022 13:40:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b46d3b-9ae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec23bb71-FRA
expires: Thu, 06 Jul 2023 19:02:00 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 79ms
39ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163629
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cebfebb71-FRA
expires: Thu, 05 Jan 2023 20:01:26 GMT

GET
H2 200 layout.214f487d157f8d3739105bfac8086bac.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 156 KB
28 KB 86ms
46ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.214f487d157f8d3739105bfac8086bac.css

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3a6046c5bd7ed05c2d929511a0a1b74774f083062876f2bce9333f76c86500

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163629
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:03:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632daebb-26fdd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec04bb71-FRA
expires: Wed, 27 Sep 2023 19:01:19 GMT

GET
H2 200 theme-basic.6ee2c17f3ef34e32b5fa02524f5978e7.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 89ms
49ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.6ee2c17f3ef34e32b5fa02524f5978e7.css

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10a7a0628a349694c1156941903e2b965e98f1056a4dfea35ec010d09259569b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5965014
last-modified: Mon, 20 Jun 2022 13:24:17 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b07501-a44c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec17bb71-FRA
expires: Wed, 21 Jun 2023 19:01:14 GMT

GET
H2 200 site.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/live/global/resources/styles/ 201 B
287 B 138ms
98ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/live/global/resources/styles/site.css?_dc=1531499659

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46db277207e35c59c276d4484cc079b8fc80d3d0db00a32b7a2875cf7ef177ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1413453
last-modified: Fri, 13 Jul 2018 16:34:19 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5b48d48b-c9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec13bb71-FRA
expires: Sun, 23 Apr 2023 02:03:57 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/16029/ 38 KB
11 KB 40ms
12ms Script
application/json 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/16029/cc.js?ns=_cc16029
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4b20212d98a2f01baec4f580070ed9fb9ce9504caf76767bf071e744ed5914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:18 GMT
content-encoding: gzip
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 00:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 39917
x-amz-server-side-encryption: AES256
etag: W/"2afa8effe386b9e3c6592337f19997dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age: 86400
x-amz-cf-id: Xwx8twf7PaS31_wOY1udrSOd60cUxoa3YxEyZS7fwG6YUURHPgvRLA==

GET
H2 200 access.js Show response
www.herald-dispatch.com/shared-content/art/tncms/api/ 86 KB
34 KB 90ms
90ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://www.herald-dispatch.com/
Origin: https://www.herald-dispatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:19:51 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:21:04 GMT
x-vcache: HIT
age: 283
etag: W/"63247840-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 532 B
441 B 30ms
21ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163629
last-modified: Fri, 01 Apr 2022 13:29:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe3f-214"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dceb9bb71-FRA
expires: Sun, 23 Apr 2023 02:05:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 130ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ab0b6c27b1556041b306d4ecffd8675c1a08b38b5acec0a85ff75c2baeb8eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27709
x-xss-protection: 0
server: sffe
etag: "1356 / 776 of 1000 / last-modified: 1665141015"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Oct 2022 14:24:35 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
783 B 39ms
31ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 267931
last-modified: Tue, 10 May 2022 15:14:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8155-5bb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dcebbbb71-FRA
expires: Thu, 25 May 2023 05:59:41 GMT

GET
H2 200 tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 9 KB
3 KB 90ms
52ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163629
last-modified: Tue, 10 May 2022 15:14:26 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8152-24cb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec3bbb71-FRA
expires: Wed, 24 May 2023 10:52:58 GMT

GET
H2 200 tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 888 B
644 B 32ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7361
last-modified: Tue, 10 May 2022 15:14:26 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8152-378"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dcebdbb71-FRA
expires: Thu, 25 May 2023 16:16:52 GMT

GET
H2 200 tracking.js Show response
www.herald-dispatch.com/shared-content/art/tncms/ 3 KB
1 KB 92ms
91ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:19:51 GMT
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 20:53:09 GMT
x-vcache: HIT
age: 283
etag: W/"633f4035-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 admanager.js Show response
www.herald-dispatch.com/shared-content/art/tncms-ad-manager/ 39 KB
13 KB 93ms
91ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:23:12 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 20:38:01 GMT
x-vcache: HIT
age: 83
etag: W/"631f98a9-9d77"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 12873
service-worker-allowed: /

GET
H2 200 impressions.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/ 83 B
203 B 166ms
128ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/impressions.js?_dc=1665149711

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

742bf5df4748257a53fb9b64c862e0599ae2b4c3ea9bc2e227665de77f36a825

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Oct 2022 13:35:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63402b0f-53"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec32bb71-FRA
expires: Sat, 07 Oct 2023 13:40:21 GMT

GET
H2 200 traffic.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/ 1 KB
888 B 78ms
40ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/traffic.js?_dc=1665117310

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2015cd1d8c00dc3b6a1925c7e516916f87bc5220451ef6c84d2f777403f485b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7361
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Oct 2022 04:35:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633fac7e-5fb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec2fbb71-FRA
expires: Sat, 07 Oct 2023 04:40:12 GMT

GET
H2 200 settings.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/ 3 KB
867 B 80ms
42ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/ads/settings.js?_dc=1647636210

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950fcf7d4ecc0eefbae4ec9125d65f771d5e795377603239b4a7d93ec94987be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 178294
last-modified: Fri, 18 Mar 2022 20:43:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6234eef2-d89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec2bbb71-FRA
expires: Sat, 18 Mar 2023 20:48:46 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
276 B 83ms
45ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 372228
last-modified: Tue, 10 May 2022 15:15:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8184-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1cec34bb71-FRA
expires: Thu, 25 May 2023 05:59:40 GMT

GET
H2 200 fontawesome.dd9f72114a809f3dc0619831f68070f4.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 263 KB
95 KB 39ms
32ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.dd9f72114a809f3dc0619831f68070f4.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163629
cross-origin-resource-policy: cross-origin
last-modified: Fri, 09 Sep 2022 13:51:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"631b44e2-41d78"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dcebfbb71-FRA
expires: Wed, 13 Sep 2023 19:01:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 171ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d457e683ab53d5ac997126f5211b5b1a28097fcd855bc6c45d20b51c867f69ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54585
x-xss-protection: 0
server: cafe
etag: 16041238353230721086
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 14:24:35 GMT

GET
H2 200 tracker.js Show response
www.herald-dispatch.com/shared-content/art/stats/common/ 9 KB
3 KB 120ms
119ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:19:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 15:26:09 GMT
x-vcache: HIT
age: 283
etag: W/"61b0ce91-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 625dba5987e80.image.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/d/2b/d2bb73b8-bf4c-11ec-a812-eb418bfb87f6/ 20 KB
20 KB 28ms
21ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/d/2b/d2bb73b8-bf4c-11ec-a812-eb418bfb87f6/625dba5987e80.image.png

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3b99d91926220f54ff0e9b80a3c052b646fd969f5ee679cf49bf45ddcffbed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45954
cf-polished: origFmt=png, origSize=35928
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="625dba5987e80.webp"
content-length: 20186
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 Apr 2022 19:22:01 GMT
server: cloudflare
x-vcache: MISS
etag: "625dba59-8c58"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1dcec1bb71-FRA
expires: Thu, 05 Oct 2023 20:28:07 GMT

GET
H2 200 d0ff6b1a-eb52-11ec-aa4a-8317815f5855.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/ 14 KB
15 KB 32ms
25ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/d0ff6b1a-eb52-11ec-aa4a-8317815f5855.png

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ead6518019c8006851cafa7890a6b17a2b3fad47cb7010deecdae69eaeebd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45954
cf-polished: origFmt=png, origSize=26322
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="d0ff6b1a-eb52-11ec-aa4a-8317815f5855.webp"
content-length: 14706
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Jun 2022 19:55:46 GMT
server: cloudflare
x-vcache: MISS
etag: "62a79642-66d2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1dcec4bb71-FRA
expires: Thu, 05 Oct 2023 21:29:15 GMT

GET
H2 200 6262aa882ffb0.image.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/5/5a/55a01b96-c23e-11ec-88ae-6fa7d10cb20c/ 50 KB
50 KB 36ms
29ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/5/5a/55a01b96-c23e-11ec-88ae-6fa7d10cb20c/6262aa882ffb0.image.png

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3b0dcb9037334071e7e418d2b3a130bb23b1564ccdca566436fdc40fb2aeb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45954
cf-polished: origFmt=png, origSize=77944
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6262aa882ffb0.webp"
content-length: 51272
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Apr 2022 13:15:52 GMT
server: cloudflare
x-vcache: MISS
etag: "6262aa88-13078"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1dcec6bb71-FRA
expires: Tue, 19 Sep 2023 20:18:55 GMT

GET
H2 200 7cb1d406-c7d7-11ec-8cbc-df06123ebcd1.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/ 14 KB
14 KB 34ms
28ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/7cb1d406-c7d7-11ec-8cbc-df06123ebcd1.jpg

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7810d7a6af36cef7a1b60ccf9f65305b300bd9e621375db8e963848929426e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45954
cf-polished: qual=85, origFmt=jpeg, origSize=21407
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="7cb1d406-c7d7-11ec-8cbc-df06123ebcd1.webp"
content-length: 13942
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 Apr 2022 16:14:46 GMT
server: cloudflare
x-vcache: MISS
etag: "626c0ef6-539f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1dcec7bb71-FRA
expires: Thu, 05 Oct 2023 21:04:04 GMT

GET
H2

200

62473dd3c437d.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/a/b1/ab1c5878-b1e5-11ec-aff4-d34383d0c64f/
Redirect Chain

https://www.herald-dispatch.com/tncms/media/thumbnail_candidatenewsbannerv2/
https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/a/b1/ab1c5878-b1e5-11ec-aff4-d34383d0c64f/62473dd3c437d.image.jpg?resize=378%2C78

12 KB
12 KB

24ms
23ms

Image
image/jpeg

104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/a/b1/ab1c5878-b1e5-11ec-aff4-d34383d0c64f/62473dd3c437d.image.jpg?resize=378%2C78

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc1c1e850ca179e3a8af3b32597ef430c778ecc25ee1ad81998e7d6cd0b13a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45953
cf-polished: origSize=12208, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 12135
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Apr 2022 18:00:51 GMT
server: cloudflare
x-vcache: MISS
etag: "8212c2585d6a25d240e667c148e64137"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1e8882bb71-FRA
expires: Tue, 03 Oct 2023 17:33:50 GMT

Redirect headers

date: Fri, 07 Oct 2022 12:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6390
content-length: 784
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Apr 2022 18:00:54 GMT
x-vcache: HIT
etag: W/3167a4530799fe0cbc9bd0d4d240af38
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/media/a/b1/ab1c5878-b1e5-11ec-aff4-d34383d0c64f/62473dd3c437d.image.jpg?resize=378%2C78
x-tncms: 1.64.0; app15; 0.02s; 1M
cache-control: public, max-age=86400
x-robots-tag: noarchive
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin

GET
H2 200 5b7eeae3bffc1.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/9/7f/97f58b18-a6f7-11e8-b9d2-3f3dc9bc0814/ 9 KB
9 KB 35ms
29ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/9/7f/97f58b18-a6f7-11e8-b9d2-3f3dc9bc0814/5b7eeae3bffc1.image.jpg

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c941fd5cd0422d20628c9f3f0c2a840a7104fe4be62c6f4a3803e97ca9c784d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9176347
cf-polished: qual=85, origFmt=jpeg, origSize=12519
content-disposition: inline; filename="5b7eeae3bffc1.webp"
content-length: 9420
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Aug 2018 17:12:03 GMT
server: cloudflare
x-vcache: MISS
etag: "5b7eeae3-30e7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1dceccbb71-FRA
expires: Thu, 18 May 2023 21:08:46 GMT

GET
H2 500 connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 0
0 54ms
7ms Script
text/html 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 102ms
10ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 137618
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/4CB9)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 70ad9d28-e01e-006c-6d18-d9139a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 tnt.ads.core.eb2d788dd02bb4634ca3eb2ee783cd11.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 11 KB
4 KB 18ms
18ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.eb2d788dd02bb4634ca3eb2ee783cd11.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743c538563abf169a1e298a80e06cf976bb508c76d1a38969c5dceaef3348d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5409938
last-modified: Mon, 23 May 2022 19:55:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"628be696-2dd1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1d8df3bb71-FRA
expires: Wed, 31 May 2023 19:01:39 GMT

GET
H2 200 size.c64dc99a317e16a5077928a82f18f46d.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 635 B
482 B 22ms
22ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/size.c64dc99a317e16a5077928a82f18f46d.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d86f6f1dcb959cf9f8bff351c3a90a50d97fb037664b48e7228cabdd70bf32cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 45954
last-modified: Thu, 21 Jul 2022 21:07:06 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bffa-27b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dbe84bb71-FRA
expires: Wed, 26 Jul 2023 11:31:55 GMT

GET
H2 200 tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 4 KB
2 KB 32ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d998fb54196874a655aefd9dff360558af81c3f854b3f2af47660d990a5e3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 163599
last-modified: Thu, 21 Jul 2022 21:07:50 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c026-f69"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dbeaabb71-FRA
expires: Thu, 27 Jul 2023 06:25:39 GMT

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
2 KB 39ms
31ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 45954
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:03:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632dae88-1008"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dceb1bb71-FRA
expires: Wed, 27 Sep 2023 19:03:10 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 25ms
16ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 119868
last-modified: Mon, 20 Jun 2022 13:22:52 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b074ac-1015"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1dceb7bb71-FRA
expires: Wed, 21 Jun 2023 19:01:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
68 KB 151ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e76decd6cc56457739ebe733a209e3178161cdddae4acc3a10d502485434139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68878
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Oct 2022 14:24:35 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 176 KB
44 KB 47ms
7ms Script
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:06:13 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 22:15:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA60-P1
age: 1103
etag: W/"13600701857be6a3c4cd98a7b8e7133a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: siDIOodoipwRf4B3P4CO7B102vDXkcUrlZ-qyKatYEGmUOHLtI7zIg==

GET
H2 200 / Show response
www.herald-dispatch.com/_services/v1/client_ip_info/ 80 B
175 B 90ms
89ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/_services/v1/client_ip_info/
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 0ef39fb905169948ed56fd3413b5e74814755613c430281fd9197d747ddd86e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
cache-control: private, max-age=3600
content-length: 80
content-type: application/json

GET
H2 403 tracker.gif
www.herald-dispatch.com/shared-content/art/stats/common/ 0
48 B 90ms
90ms Image
text/plain 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald-dispatch.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166515267547316001200941036194751&tnms_dt=herald-dispatch.com&tnms_upage=1&tnms_do=www.herald-dispatch.com&tnms_uri=/&tnms_ref=&rt=1665152675481
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0 Show response
heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/ Frame 356E 42 KB
7 KB 334ms
105ms Document
text/html 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2194a07fbaeae561b641b07488f895154d98daf15b82dae39b5e2f95ba51da49

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 7032
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:24:35 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff nosniff
x-varnish: 349111098 349102753
x-varnish-cache: HIT

GET
H2 200 1 Show response
heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/ Frame 5636 59 KB
10 KB 439ms
213ms Document
text/html 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c0c8cb9221366d28fcb6c25a0774f835e9aecfd31fb501f7a4fbb55db246fc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 9706
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:24:35 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff nosniff
x-varnish: 1666278743 1666270400
x-varnish-cache: HIT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 51ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:35 GMT
Content-Encoding: gzip
Age: 1192
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67D3)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 / Show response
wvcarfinder.com/event/i/ Frame B88C 616 B
622 B 333ms
109ms Document
text/html 44.194.179.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.179.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-179-148.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 7e06297f17476bc38618e5256930aaef375660fa9f039ec74e1e48b64742ca1b

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-encoding: gzip
content-length: 395
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:24:35 GMT
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding

GET
H2 200 633f0992b2864.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/0/96/096d0d0f-edf4-5246-bee6-19963e1ea9dd/ 10 KB
10 KB 119ms
119ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/0/96/096d0d0f-edf4-5246-bee6-19963e1ea9dd/633f0992b2864.image.jpg?resize=146%2C200

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6435a8a3ac4212dc8a787603bfd21b717cf0ff74ac929113819ba8392b1b04e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=10148, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Oct 2022 17:00:03 GMT
server: cloudflare
x-vcache: MISS
etag: "b6699cec638bb41281dd5cc05dc85ce0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1ea8ddbb71-FRA
expires: Fri, 06 Oct 2023 20:48:24 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 428 B
793 B 12ms
12ms XHR
application/json 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.herald-dispatch.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:16:10 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
age: 11304
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 428
x-amz-cf-id: UPJ92faRyRyRAQCEbWhjpQxZS7lgXQycu7zK5k8yvCjWt0WGLD3kZQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
12ms XHR
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
date: Fri, 07 Oct 2022 14:24:35 GMT
x-amz-cf-pop: FRA60-P1
age: 40962
x-cache: Hit from cloudfront
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: T0UJPyO8_TYYGJCte6xYR1lhhIBg0yZQWrVksOXLpqCjt9m5_d4G8A==

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 40 KB
12 KB 542ms
167ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=8558&callback=jsonp1665153660677
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a0e0f51c7b9064dc77938cf562114bbf41fb9c189a5702d826bd83a2b4e13f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 48ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=77296
accept-ranges: bytes
content-length: 3063

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 90ms
43ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: BNJ6QE5JEPQ6QZQN
age: 1112
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 75674d1f3da76958-FRA
x-amz-id-2: hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=

GET
H2 200 pubads_impl_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130906
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Oct 2023 10:23:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 284 B
176 B 127ms
47ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.herald-dispatch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e29eb6ae0d8dab54e3231426b3b0ce3cfe8264caea1c864576ff912bb94535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:35 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame C6D8 320 KB
104 KB 9ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.herald-dispatch.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 663597
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Oct 2022 14:24:35 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 22fce642-46a8-11e5-abe7-9bde14e42eb5.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/ 14 KB
14 KB 24ms
24ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/22fce642-46a8-11e5-abe7-9bde14e42eb5.png?resize=640%2C81

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ed2a989efb360915032b1cc11f0e66209db59f4eb7d7907bc281a031ed2441

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45953
cf-polished: origFmt=png, origSize=27833
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="22fce642-46a8-11e5-abe7-9bde14e42eb5.webp"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Aug 2015 19:26:06 GMT
server: cloudflare
x-vcache: MISS
etag: "23bed4fb85cd867eaa53211abb89902d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d1f6a95bb71-FRA
expires: Thu, 05 Oct 2023 21:38:05 GMT

GET
H2 200 633f707916cd0.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/a/2b/a2b9dcff-9c26-55e6-8af6-f89df7e7bd1b/ 16 KB
16 KB 131ms
130ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/a/2b/a2b9dcff-9c26-55e6-8af6-f89df7e7bd1b/633f707916cd0.image.jpg?resize=540%2C360

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c803f4059ef5f5cd2455693ccea17601a7e129024f40b9c5f99e7292d462667

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=21686
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="633f707916cd0.webp"
content-length: 16372
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 Oct 2022 00:19:05 GMT
server: cloudflare
x-vcache: MISS
etag: "2edc52932f9b18934568f1ac8107072a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d1f6a9abb71-FRA
expires: Sat, 07 Oct 2023 14:00:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 191ms
112ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7816267718295528&plah=www.herald-dispatch.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44f8e596972e9454fd88d1e0c1692c4638b90c8af2926496c26a2b0d9680a858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117214
x-xss-protection: 0
server: cafe
etag: 5237103352196169626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 14:24:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame CC56 10 KB
5 KB 119ms
35ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 09:24:44 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 09:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C6D8 851 B
676 B 149ms
116ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.herald-dispatch.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 07 Oct 2022 14:24:35 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 73f34a0917f73e8e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
content-length: 355

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 105ms
32ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 07 Oct 2022 15:15:57 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
42 KB 134ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8591b8ad3524d04da7007f9a721870cb596c4ebda1e7727815a7b43fee3cf954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43105
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
57 KB 152ms
73ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8c03f0d6246966385c7e6c0bfc7e08677e200d80b6a0fd0d2e11d432dd74a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57996
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 62ms
9ms Script
application/x-javascript 2600:9000:223c:f400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:41:11 GMT
content-encoding: gzip
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 6204
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: itYZigcR7U6AXtP5sPz3x0oLZL74phd8t7yBXcTVOflDgPI0lp0cyw==
expires: Fri, 07 Oct 2022 14:41:11 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4136466%26time%3D1665152675919%26url%3Dhttps%253A%252F%252Fwww.herald-dispatch.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true&e_ipv6=AQKHI-s03CBqngAAAYOy1XNfGQewVB11r3YP7K2bVE62xSO7v6bwcl...

0
266 B

210ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true&e_ipv6=AQKHI-s03CBqngAAAYOy1XNfGQewVB11r3YP7K2bVE62xSO7v6bwclmcrXrYvJbr3iNAm5g2
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7E753B436F6F4678876C5BBA36FF8B55 Ref B: FRAEDGE1105 Ref C: 2022-10-07T14:24:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqcpHPDuMFfXAi0K9wgQ==

Redirect headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4D0D26C469284AF2B6EEE5B833D14F36 Ref B: VIEEDGE1317 Ref C: 2022-10-07T14:24:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4136466&time=1665152675919&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&liSync=true&e_ipv6=AQKHI-s03CBqngAAAYOy1XNfGQewVB11r3YP7K2bVE62xSO7v6bwclmcrXrYvJbr3iNAm5g2
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqcpHKfWLtRsMhtq0MvQ==

GET
H2 200 friends2follow_socialstack.min.css
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 70 KB
10 KB 107ms
105ms Stylesheet
text/css 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

76347fa5a9acd1fcfce47b162ea30fc9e5f91d3a7092181a01c0695c71ebf66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 15:09:58 GMT
server: Apache
age: 137
vary: Accept-Encoding
content-type: text/css
x-varnish: 349111106 349100683
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10122
expires: Fri, 21 Oct 2022 14:22:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 356E 5 KB
1 KB 149ms
60ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 14:16:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 jquery.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 91 KB
33 KB 211ms
210ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 May 2018 17:40:47 GMT
server: Apache
age: 148
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278751 1666267702
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 33080
expires: Fri, 21 Oct 2022 14:22:08 GMT

GET
H2 200 friends2follow_tracking.min.js Show response
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 6 KB
2 KB 280ms
266ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f43581454cc4d007baf49f3103c8b754302a7ce5a097f1ef6648a7d1fab3d73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 20:39:32 GMT
server: Apache
age: 153
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278753 1666267321
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1605
expires: Fri, 21 Oct 2022 14:22:02 GMT

GET
H2 200 friends2follow_antifraud.min.js Show response
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 35 KB
11 KB 280ms
268ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Dec 2019 16:40:28 GMT
server: Apache
age: 143
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111109 349100353
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10755
expires: Fri, 21 Oct 2022 14:22:12 GMT

GET
H2 200 friends2follow_socialstack.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 97 KB
31 KB 175ms
174ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d447a9c01e75fa1dfe27c29dfae520fb0be73775ed6eda7a2d13bf1e175ed627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 20:43:15 GMT
server: Apache
age: 139
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111107 349100574
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 31199
expires: Fri, 21 Oct 2022 14:22:16 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
509 B 194ms
117ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.herald-dispatch.com%2F&pid=psuMSrYdKV3yN&cb=0&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1065710%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-849181%22%2C%22s%22%3A%5B%22140x120%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-998323%22%2C%22s%22%3A%5B%22145x51%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1065701%22%2C%22s%22%3A%5B%221170x90%22%2C%22970x90%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1065705%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1065711%22%2C%22s%22%3A%5B%221170x90%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F132916964%2C1047893%2Fherald-dispatch.com%2Fhomepage%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: PNKN8EYXPKHFA06SPM56
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: SGeGZGKXGpmsgxacrLGA6V0ris6S-uftolnACCC3Fn-APQ8RJn85tA==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
337 B 48ms
9ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216657.ip-141-95-98.eu
Software: /
Resource Hash: bb9a67c0bd8a184cc47b0a4acc667278e2f666c9b89d319dfd8d5f1931bf4375

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.herald-dispatch.com
date: Fri, 07 Oct 2022 14:24:35 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
237 B 70ms
10ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7f93e8c9625c68c4ff7abbfc01514bd47fa3194608f0843f359a67a710980288

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.herald-dispatch.com
date: Fri, 7 Oct 2022 14:24:36 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ Frame B88C 85 KB
30 KB 73ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1665152676.dop146.am5.t,1665152676.cds318.am5.hn,1665152676.cds255.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 barkerweb-607.js Show response
wvcarfinder.com/event/ Frame B88C 268 KB
26 KB 488ms
488ms Script
application/javascript 44.194.179.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.179.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-179-148.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 45696787669ed47169bd459dcbf90d68021538543addb14563c32239249ed6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, must-revalidate
content-length: 26575
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 356E 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adddf67e951bdd862698d47b291241fe2c63ab0831647afb27d20eb7cc0eaa29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356E 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356E 153 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7079bd00295a43f5fcf94fc87d3a28e3656207c61672aa6154c2897f09f275b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356E 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356E 174 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ed0e436b66326d203d34c131b22c2808c9b7eec6f97f0e9fda441d7b33b129

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 friends2follow_socialstack.min.css
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 70 KB
10 KB 189ms
189ms Stylesheet
text/css 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

76347fa5a9acd1fcfce47b162ea30fc9e5f91d3a7092181a01c0695c71ebf66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 15:09:58 GMT
server: Apache
age: 137
vary: Accept-Encoding
content-type: text/css
x-varnish: 349111113 349100683
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10122
expires: Fri, 21 Oct 2022 14:22:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5636 5 KB
740 B 57ms
57ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 13:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 socialmarketplace-f2f.jpg
heralddispatch.friends2follow.com/sites/rep-am.friends2follow.com/files/styles/large/public/friends2follow_widget_logos/ Frame 5636 10 KB
10 KB 282ms
263ms Image
image/jpeg 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heralddispatch.friends2follow.com/sites/rep-am.friends2follow.com/files/styles/large/public/friends2follow_widget_logos/socialmarketplace-f2f.jpg?itok=U_zaH9EP

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

756da3fa643aa43adcf59a64ba55d5690dc9fdf4a49ce98ace8bc923e4a5e958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 07 Oct 2022 14:24:36 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 17:11:17 GMT
server: Apache
age: 0, 0
content-type: image/jpeg
x-varnish: 2014494898, 1666278760
cache-control: max-age=1209600
accept-ranges: bytes, bytes, bytes
content-length: 10221
expires: Fri, 21 Oct 2022 14:24:36 GMT

GET
H2 200 633b4777197b8.image.jpg
bloximages.newyork1.vip.townnews.com/wvgazettemail.com/content/tncms/assets/v3/editorial/c/9b/c9b9bb8d-56d4-583c-8e55-a05a1e4b5f17/ Frame 5636 83 KB
83 KB 41ms
22ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/wvgazettemail.com/content/tncms/assets/v3/editorial/c/9b/c9b9bb8d-56d4-583c-8e55-a05a1e4b5f17/633b4777197b8.image.jpg?crop=1662,873,0,187&resize=1200,630&order=crop,resize&fb_obo=1&utld=fbcdn.net&stp=dst-emg0_q75&ccb=13-1&oh=06_Aaq8zvUjjSKe-gzBi-njAKXsvgCLAGaM-Q_6rWyah8davQ&oe=63412280&_nc_sid=5f3a21

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7650b0eb1e01c60b1467445a1964ae97d099c2dc6778f31472427f9e623c73f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 67835
cf-polished: qual=85, origFmt=jpeg, origSize=89559
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="633b4777197b8.webp"
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 20:35:03 GMT
server: cloudflare
x-vcache: MISS
etag: "41a5f82aedd9fec1e67bf61783c5ead4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d215f5abb71-FRA
expires: Fri, 06 Oct 2023 19:20:16 GMT

GET
H2 200 jquery.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 91 KB
33 KB 216ms
195ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 May 2018 17:40:47 GMT
server: Apache
age: 148
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278758 1666267702
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 33080
expires: Fri, 21 Oct 2022 14:22:08 GMT

GET
H2 200 friends2follow_tracking.min.js Show response
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 6 KB
2 KB 183ms
163ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f43581454cc4d007baf49f3103c8b754302a7ce5a097f1ef6648a7d1fab3d73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 20:39:32 GMT
server: Apache
age: 156
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111115 349099248
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1605
expires: Fri, 21 Oct 2022 14:22:00 GMT

GET
H2 200 friends2follow_antifraud.min.js Show response
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 35 KB
11 KB 283ms
263ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Dec 2019 16:40:28 GMT
server: Apache
age: 140
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278759 1666268153
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10755
expires: Fri, 21 Oct 2022 14:22:15 GMT

GET
H2 200 friends2follow_socialstack.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 97 KB
31 KB 214ms
194ms Script
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20221006

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d447a9c01e75fa1dfe27c29dfae520fb0be73775ed6eda7a2d13bf1e175ed627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 20:43:15 GMT
server: Apache
age: 139
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111116 349100574
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 31199
expires: Fri, 21 Oct 2022 14:22:16 GMT

GET
DATA 200
OK truncated
/ Frame 5636 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 328ms
109ms Image
image/gif 44.193.125.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=herald-dispatch.com&p=%2F&u=DVHjFfBURNXaEDIyU&d=herald-dispatch.com&g=66149&g0=No%20Section&g1=undefined&n=1&f=00001&c=0&x=0&m=0&y=6474&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1547&t=D3krABQ4rFjCeKOsdCHJ7QvCMRzSq&V=136&i=herald-dispatch.com&tz=0&sn=1&sv=BVmqJXBR4-MeCtjULCB0e9q_DRfl1V&sd=1&im=067b2fff&_
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.125.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-125-215.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 07 Oct 2022 14:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame 5636 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adddf67e951bdd862698d47b291241fe2c63ab0831647afb27d20eb7cc0eaa29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 851 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c27f83815ee5e82d069d97beb8e40ce3add52e98311b54736ec1ecbf839a8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200 914.json Show response
id5-sync.com/g/v2/ 216 B
633 B 41ms
8ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/914.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

729bfb4c379646cb175d7c0f454ebe6c5876809cf8d380353c379a69cc55b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.herald-dispatch.com
date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
538 B 151ms
51ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5636 174 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ed0e436b66326d203d34c131b22c2808c9b7eec6f97f0e9fda441d7b33b129

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 149 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53640ec13a448733648c21fe9ef813b76785a87ae811309cf09da8ffeb37f284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f870a62996e703f7e9ca99bcbdf5f18b9383f85be71dcb5cd7b4a979a9fceb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 925 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6077bddf0feb21daa84ecf83fa6dfa41c40f2a4ec5472d396c6f3bcfd97730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5636 996 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43cd78e70bd0e0bf65c44a14b98484d01f877b5f83304de76ecbeaac136a7173

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js Show response
platform.twitter.com/js/ 8 KB
3 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: f6cd4ac8d4ffaa5a4fd82befb072cca2943bb6e27a832cf68713cfce32c38f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:36 GMT
Content-Encoding: gzip
Age: 663598
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2955
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (frb/669F)
Etag: "c908b448c0ca2496f191efa1401a04ff+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
122 B 114ms
113ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665152676099%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 07 Oct 2022 14:24:35 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 07 Oct 2022 14:24:36 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: d1b0a23b04e2ddbe
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
content-length: 43

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 356E 44 KB
44 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heralddispatch.friends2follow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 329642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:34 GMT

GET
H2 200 social.woff2
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 356E 5 KB
5 KB 207ms
207ms Font
text/plain 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006
Origin: https://heralddispatch.friends2follow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 07 Oct 2022 14:24:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
last-modified: Fri, 14 Feb 2020 20:14:31 GMT
server: Apache
age: 0
x-varnish: 349111121
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes, bytes
content-length: 5316
expires: Fri, 21 Oct 2022 14:24:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
420 B 45ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.herald-dispatch.com&callback=_gfp_s_&client=ca-pub-7816267718295528

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7816267718295528&plah=www.herald-dispatch.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd72e76d7bc762bb706f915decabd68b3b2933ef34d99a73a219b0665f83fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5636 44 KB
44 KB 108ms
85ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heralddispatch.friends2follow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 329642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.herald-dispatch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
48ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.herald-dispatch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&tn=DIV&id=sticky-anchor&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C172 0
19 B 194ms
110ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7816267718295528&output=html&adk=1812271804&adf=3025194257&lmt=1665151256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665152675841&bpp=4&bdt=546&idt=318&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2941000625481&frm=20&pv=2&ga_vid=718849610.1665152676&ga_sid=1665152676&ga_hid=1093172635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31068919&oid=2&pvsid=843843567629664&tmod=1064046313&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 14:24:36 GMT
expires: Fri, 07 Oct 2022 14:24:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 96 KB
27 KB 33ms
10ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: i3uu2peqmrsKXJmQkX2D6VLw1eflkz_G
content-encoding: gzip
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
date: Fri, 07 Oct 2022 14:23:16 GMT
x-amz-cf-pop: FRA56-P5
age: 84
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 31 Aug 2022 18:26:28 GMT
server: AmazonS3
etag: W/"56a5d0385c98ba3d3989ec2cab0e94a5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: tGWL-ydC0W0FgePCPnV9EN0iarxAxFXavYMtxKJ_rXQGl3pmj4delw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e152c2b1dd70b469bc5260c71a464459cf70419f07bb470ecab3eba1132e2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 hd-news-4 Show response
syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/ Frame 49E5 251 KB
21 KB 887ms
886ms Document
text/html 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

a52d5098faa624a10ad792202311ce9b83e93ee1ed1bcb17c7edd61ea05b7294

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 21433
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 14:24:36 GMT
etag: "3ea58-3oj+3rdeZSLFy6wY3Y4w70Cy6HI"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
x-response-time: 873
x-transaction-id: e1d52bf6766d7d52
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 215 KB
28 KB 437ms
437ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?u_sd=1&bih=1200&iu_parts=132916964%3A1047893%2Cherald-dispatch.com%2Chomepage&pvsid=843843567629664&ifi=2&cookie_enabled=1&dt=1665152676244&dlt=1665152675296&msz=1600x1%7C204x120%7C321x51%7C1600x90%7C370x250%7C1600x-1&bc=31&ga_sid=1665152676&nvt=1&adys=0%2C97%2C161%2C342%2C496%2C1110&scr_x=0&u_w=1600&eid=31069182%2C31069635%2C31070045%2C31070086%2C31070138%2C31068366%2C31068919&vrg=2022100301&prev_scp=pos%3Dimpact-top%26amznbid%3D2%26amznp%3D2%7Cpos%3Dheader_subpromo%2Cheader-promo%26amznbid%3D2%26amznp%3D2%7Cpos%3Dweather-sponsor%2Cweather_sponsor%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleaderboard-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%26amznbid%3D2%26amznp%3D2&vis=1&ga_vid=718849610.1665152676&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_cd=24&scr_y=0&ga_fc=false&gdfp_req=1&fws=4%2C4%2C4%2C4%2C4%2C516&u_ah=1200&sc=1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&cust_params=browser%3DChrome%26k%3Dthe%2520herald-dispatch%26page%3Dhomepage%252Capp-editorial&lmt=1665151256&idt=646&fsapi=false&u_aw=1600&dmc=8&u_h=1200&ptt=17&btvi=0%7C0%7C0%7C0%7C0%7C0&psz=1600x1%7C204x120%7C321x71%7C1600x90%7C370x250%7C1600x-1&sfv=1-0-38&correlator=1377327185662940&eri=1&abxe=1&frm=20&oid=2&output=ldjh&biw=1600&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&u_his=2&ucis=1%7C2%7C3%7C4%7C5%7C6&impl=fifs&adxs=799%2C800%2C1034%2C215%2C1015%2C215&prev_iu_szs=2x1%2C140x120%2C145x51%2C1170x90%7C970x90%7C728x90%7C970x250%2C300x250%2C1170x90%7C970x90%7C728x90&ga_hid=1093172635&url=https%3A%2F%2Fwww.herald-dispatch.com%2F&adks=1780002927%2C3075153396%2C190974657%2C2217893518%2C2885611068%2C42920074

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8f46e981d4f0febbe91cb719df936cf7c37bf51dcbb6a0c56477e6fb1a7ac48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28429
x-xss-protection: 0
google-lineitem-id: 6124709974,6124688620,5918083344,6124689730,6124706137,6125584505
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138405426480,138349196407,138380903957,138403411165,138401717795,138407359662
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43F3 6 KB
4 KB 173ms
44ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 14:24:36 GMT
expires: Sat, 07 Oct 2023 14:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 633f5494d207a.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/9/58/958cfffa-df17-5722-b15d-27f3a6bd9756/ 21 KB
21 KB 131ms
129ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/9/58/958cfffa-df17-5722-b15d-27f3a6bd9756/633f5494d207a.image.jpg?crop=1175%2C1175%2C294%2C0&resize=300%2C300&order=crop%2Cresize

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c2cae4b455b162046b69983dd9ef385a8b6ba93d88356153c74e16b271e890

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: degrade=85, origSize=23207, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 21335
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Oct 2022 22:20:05 GMT
server: cloudflare
x-vcache: MISS
etag: "29f3df93ee0eb50bfad1969dffa7dde8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d22ca46bb71-FRA
expires: Sat, 07 Oct 2023 04:20:54 GMT

GET
H2 200 626818a63339c.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/7/4e/74e05482-b1fe-5a26-b0af-b159f2f9fd9a/ 3 KB
3 KB 109ms
106ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/7/4e/74e05482-b1fe-5a26-b0af-b159f2f9fd9a/626818a63339c.image.jpg?resize=150%2C99

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b166507f459f64a69f2cad241f10c23bab59d1d189f4cf2b317b90c3323e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3678
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="626818a63339c.webp"
content-length: 3186
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Apr 2022 16:07:02 GMT
server: cloudflare
x-vcache: MISS
etag: "8a459f87f6e6ffb2e527a5022af23717"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d22ca47bb71-FRA
expires: Fri, 06 Oct 2023 04:05:32 GMT

GET
H2 200 6175d79e79a33.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/f/c7/fc7f8638-209a-5726-85eb-81de26488042/ 5 KB
5 KB 135ms
133ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/f/c7/fc7f8638-209a-5726-85eb-81de26488042/6175d79e79a33.image.jpg?resize=150%2C106

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c514d348374995cb497c3c74dfe564beb6af0a288ab0a55a83019fc85d14dc29

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=5007, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 4851
cf-bgj: imgq:85,h2pri
last-modified: Sun, 24 Oct 2021 22:01:02 GMT
server: cloudflare
x-vcache: MISS
etag: "18a28f23a973c5e32071c89c5793e578"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d22ca4abb71-FRA
expires: Sat, 07 Oct 2023 04:06:01 GMT

GET
H2 200 611e870a1c48e.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/b/93/b93747a7-20fa-5262-a5af-c275ba4121c1/ 7 KB
7 KB 114ms
113ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/b/93/b93747a7-20fa-5262-a5af-c275ba4121c1/611e870a1c48e.image.jpg?resize=150%2C150

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa025e4f1f2dcce20eb01854d59b38f6bc0c388d07633623d089ef47ec91be52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=7214, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 7039
cf-bgj: imgq:85,h2pri
last-modified: Thu, 19 Aug 2021 16:30:02 GMT
server: cloudflare
x-vcache: MISS
etag: "27084c0dfba7dbef33c71097e285b605"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d22ca4cbb71-FRA
expires: Sat, 07 Oct 2023 04:05:16 GMT

GET
H2 200 605cf3d06b3a2.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/2/d6/2d668da2-eaf4-5f42-a9fb-71ffff65b8b8/ 3 KB
4 KB 115ms
113ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/2/d6/2d668da2-eaf4-5f42-a9fb-71ffff65b8b8/605cf3d06b3a2.image.jpg?resize=150%2C107

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795a688d2b9a53441038a2c7a01ca9231230867506b942e5f725d669fc334889

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=3612, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 3453
cf-bgj: imgq:85,h2pri
last-modified: Thu, 25 Mar 2021 20:34:24 GMT
server: cloudflare
x-vcache: MISS
etag: "af01792c67e61dbcc9d5ab15ab6e1b5d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 75674d22ca4fbb71-FRA
expires: Sat, 07 Oct 2023 04:05:56 GMT

GET
H2 200 social.woff2
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 5636 5 KB
5 KB 110ms
109ms Font
text/plain 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20221006
Origin: https://heralddispatch.friends2follow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 07 Oct 2022 14:24:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
last-modified: Fri, 14 Feb 2020 20:14:31 GMT
server: Apache
age: 0
x-varnish: 349111137
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes, bytes
content-length: 5316
expires: Fri, 21 Oct 2022 14:24:36 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
467 B 139ms
45ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
1 KB 34ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1536132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR7pZivKF4o06hC3hzXXAkfqiGjv9wDjb1WH7TM%2BPU0FPS%2FC7ltu5pQlM8ZaaeNOrRjKW2rehSr71VeJ6Wct9mjcxiJ4e79pS4Vw%2BF8UbBHRveGm9BlH1ln8hGXq70imSXf1mqTrH1rWwS%2BQw7J6f5%2Fp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75674d232d186961-FRA
expires: Wed, 27 Sep 2023 14:24:36 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 95ms
34ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 friends2follow_socialstack_on_init.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 87 KB
25 KB 107ms
106ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 171
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278795 1666265980
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25376
expires: Fri, 21 Oct 2022 14:21:45 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 805 B
1 KB 21ms
7ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: U_DmAvTTpoQ6C.9IdBZR.E.jS2H.lkmM
date: Fri, 07 Oct 2022 14:16:05 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 512
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 805
last-modified: Mon, 29 Aug 2022 20:40:06 GMT
server: AmazonS3
etag: "7bf7698e1a3707083bae5a0fc51dd25e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: m9hwO1mQPiMue1EUkAicBDdb_hW9uXQcZc7-R0aEjyAEE7L0xw7-Hg==

GET
H2 200 f2fi.php
tracking.friends2follow.com/ Frame 356E 43 B
269 B 118ms
118ms Image
image/gif 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.friends2follow.com/f2fi.php?domain=heralddispatch.friends2follow.com&wi=5&it=206/16517/16518,205/16501/16510,205/16501/16502,205/16501/16503,205/16501/16504,205/16501/16505,205/16501/16506,206/16517/16519,206/16517/16520,206/16517/16521,206/16517/16522&ti=1665152568&ha=be0a9efbcc9837c5da42e72868c04baf&fi=2c15e50c4517f3ab4b2847272519e901

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 07 Oct 2022 14:24:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
server: Apache
age: 0
content-type: image/gif
x-varnish: 349111158
cache-control: must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 friends2follow_socialstack_on_init.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 87 KB
25 KB 107ms
106ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 171
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278806 1666265980
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25376
expires: Fri, 21 Oct 2022 14:21:45 GMT

GET
H2 200 1f4e3.png
twemoji.maxcdn.com/36x36/ Frame 5636 386 B
800 B 42ms
5ms Image
image/png 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f4e3.png
Requested by: Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cdee5d1f278c710038004e10db6cab1179b7fa2a89cdebedea39c969ffe39e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fastly-request-id: 579c1a50957d60c982139a549894d614778fa290
date: Fri, 07 Oct 2022 14:24:36 GMT
x-proxy-cache: MISS
x-cache: HIT
powered-by: MaxCDN
content-length: 386
last-modified: Thu, 31 Mar 2022 03:24:14 GMT
server: NetDNA-cache/2.2
x-github-request-id: 0819:10185:54512:56218:633EE047
etag: "62451ede-182"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 06 Nov 2022 14:24:36 GMT

GET
H2 200 1f499.png
twemoji.maxcdn.com/36x36/ Frame 5636 316 B
733 B 42ms
6ms Image
image/png 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f499.png
Requested by: Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4ba3590e83d4ea197a7aa2e905f25ab081f363477ab25aaf969907a424109224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fastly-request-id: 128b679761f7fb1b87fc0cf79233a982e85e3c82
date: Fri, 07 Oct 2022 14:24:36 GMT
x-proxy-cache: MISS
x-cache: HIT
powered-by: MaxCDN
content-length: 316
last-modified: Thu, 31 Mar 2022 03:24:14 GMT
server: NetDNA-cache/2.2
x-github-request-id: 0820:4354:F87AAD:FEFC8B:633CB243
etag: "62451ede-13c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 06 Nov 2022 14:24:36 GMT

GET
H2 200 1f389.png
twemoji.maxcdn.com/36x36/ Frame 5636 1 KB
1 KB 43ms
7ms Image
image/png 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f389.png
Requested by: Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2f198451d4e8eedad66c3ca7ebe39b697b88afd26861cef5b2d2f6abdbcb78ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fastly-request-id: 5175144fb9803755b34c2fbdb2c21034293b3992
date: Fri, 07 Oct 2022 14:24:36 GMT
x-proxy-cache: MISS
x-cache: HIT
powered-by: MaxCDN
content-length: 1026
last-modified: Thu, 31 Mar 2022 03:24:14 GMT
server: NetDNA-cache/2.2
x-github-request-id: 081A:12A47:D998C7:DFCE42:633CA04C
etag: "62451ede-402"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 06 Nov 2022 14:24:36 GMT

GET
H2 200 1f360.png
twemoji.maxcdn.com/36x36/ Frame 5636 639 B
1 KB 43ms
7ms Image
image/png 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f360.png
Requested by: Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 11cb8af2db77970e148ee8bc427e67d276e365343f1434dbc2efad1552e99811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fastly-request-id: e4aea27c723d4720c12731171724c66a53526c14
date: Fri, 07 Oct 2022 14:24:36 GMT
x-proxy-cache: MISS
x-cache: HIT
powered-by: MaxCDN
content-length: 639
last-modified: Thu, 31 Mar 2022 03:24:14 GMT
server: NetDNA-cache/2.2
x-github-request-id: 0802:A763:4B4D9A:4DFF54:633E7F17
etag: "62451ede-27f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 06 Nov 2022 14:24:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54716522-7&cid=718849610.1665152676&jid=628725163&gjid=423693206&_gid=1992365645.1665152676&_u=QCDAgUABAAQCAEAAI~&z=1603471047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 106ms
40ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1093172635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald-dispatch.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=herald-dispatch.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCHAAUABAAQCAGAAIAB~&jid=462580601&gjid=296302053&cid=718849610.1665152676&tid=UA-2621936-1&_gid=1992365645.1665152676&_r=1&gtm=2wga50PDQV3N&z=1764711944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
35ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1093172635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald-dispatch.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=herald-dispatch.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCDAgUABAAQCAAAAI~&jid=628725163&gjid=423693206&cid=718849610.1665152676&tid=UA-54716522-7&_gid=1992365645.1665152676&gtm=2wga50PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.herald-dispatch.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=591&z=218338723

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 23:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54537
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 masonry.pkgd.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 356E 23 KB
7 KB 109ms
107ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2016 21:28:54 GMT
server: Apache
age: 508
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278812 1666241217
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7034
expires: Fri, 21 Oct 2022 14:16:08 GMT

GET
H2 200 f2fi.php
tracking.friends2follow.com/ Frame 5636 43 B
270 B 112ms
111ms Image
image/gif 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.friends2follow.com/f2fi.php?domain=heralddispatch.friends2follow.com&wi=0&it=91/9559/16534,111/3625/16533,146/7289/16531,136/6325/16530,206/16517/16518,205/16501/16510,91/9559/16532,91/9559/16529,146/7289/16528,146/7289/16527,146/7289/16526,91/9559/16525&ti=1665152568&ha=d0f6bf6c37afe020c22670159e3f4671&fi=2c15e50c4517f3ab4b2847272519e901

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 07 Oct 2022 14:24:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
server: Apache
age: 0
content-type: image/gif
x-varnish: 1666278813
cache-control: must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 8ms
8ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:38:35 GMT
x-amz-version-id: qltndKW7QqDrf8ZSZrei2HuGEvEC2x.O
content-encoding: br
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3588362
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Aug 2022 03:04:21 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: hY83wpWvnYKnOOxm20xi5vQqYs5iRyIu5VuAloKCG2B6DAmOtL5SrQ==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 8ms
8ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
content-encoding: br
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3139926
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: lTOYgk9Ix2axl-QBTBsWvrjhgw8kPFfgSlm2MtA5piFWOJUX7Q6GdQ==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B88C 49 KB
20 KB 47ms
36ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 07 Oct 2022 15:15:57 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 130ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 13:55:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H/1.1 200
OK 441a0802-63f3-4e34-b130-55a14ad5688c.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 137 KB
137 KB 677ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/441a0802-63f3-4e34-b130-55a14ad5688c.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f13862249864ba7c4f981ee7224a2e749aa4de0c65a3718135dde081c575d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Thu, 01 May 2014 11:29:11 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 0BjPyF+8PwQrO751N1JGtg==
ETag: 0x8D13347B53D9E45
Content-Type: image/png
x-ms-request-id: 07ee8910-b01e-0011-6758-daa705000000
x-ms-version: 2009-09-19
Content-Length: 140140

GET
H/1.1 200
OK mKRtLUjd9kmHG7mMLf9_qQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 110 KB
110 KB 678ms
164ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/mKRtLUjd9kmHG7mMLf9_qQ.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a7da6af348249ecfba8404327ca37bae257aea1401e5563f4ea5bf7779824882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Fri, 30 Sep 2022 02:29:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: iIXhk4+G8TIjY7dq3ZJY/g==
ETag: 0x8DAA28BA89F9D4D
Content-Type: application/octet-stream
x-ms-request-id: 52b7a3c6-401e-0005-1558-daef6a000000
x-ms-version: 2009-09-19
Content-Length: 112513

GET
H/1.1 200
OK L9DIPAEUGkih52l0r1GKhw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 19 KB
19 KB 677ms
163ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/L9DIPAEUGkih52l0r1GKhw.medium.jpg
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b4eb58b8b86ff36cf7a218336e60171b2bba0c2a3285a47bdbf7a248f58dc9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Wed, 04 May 2022 14:38:14 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: lmf52V5db/5sM0N3/jC7Mg==
ETag: 0x8DA2DDBB8BF9F72
Content-Type: application/octet-stream
x-ms-request-id: 56ddce13-c01e-0079-3b58-dac195000000
x-ms-version: 2009-09-19
Content-Length: 19359

GET
H/1.1 200
OK 292bf5c0-3378-4fc3-a3e1-0be2b872bedd.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 92 KB
93 KB 679ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/292bf5c0-3378-4fc3-a3e1-0be2b872bedd.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 69436320fb0c5066602b4dca53fdabdbb0b3a858eddc808b1f899d0f39639f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Sun, 11 May 2014 00:38:23 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: gPCW3vRF23c8gpMgEbALTg==
ETag: 0x8D13AC873660F82
Content-Type: image/png
x-ms-request-id: 52cf33f6-d01e-0065-6158-da93f5000000
x-ms-version: 2009-09-19
Content-Length: 94389

GET
H/1.1 200
OK ceb719e0-945b-447f-9587-138e1092f8ae.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 62 KB
63 KB 681ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ceb719e0-945b-447f-9587-138e1092f8ae.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 256cc0e51b7c20b9daa6af159131dc19984170cfc26af37807f52c90eccf1c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Wed, 24 Sep 2014 09:35:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JTk3d2AfN8w/P3rCBhaRLg==
ETag: 0x8D1A5F1F98F3287
Content-Type: image/png
x-ms-request-id: a3360f9b-401e-0077-4f58-dae825000000
x-ms-version: 2009-09-19
Content-Length: 63843

GET
H/1.1 200
OK LGXcpOd59UyJ-JxjMpl7lw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 201 KB
201 KB 683ms
165ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/LGXcpOd59UyJ-JxjMpl7lw.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09ea4eb875bcb4f100c4a6eeff44ef3ab4ef7f6970560f42a4a3e69459e9e3f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Fri, 26 Aug 2022 09:59:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Q1CeX+VSY3NnHz/DHvIzjw==
ETag: 0x8DA8749A3D7DBB1
Content-Type: application/octet-stream
x-ms-request-id: 49a42efe-701e-0053-7858-da1e85000000
x-ms-version: 2009-09-19
Content-Length: 205746

GET
H/1.1 200
OK -T1d4dlankCAYpaUxFZVrQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 27 KB
27 KB 163ms
163ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/-T1d4dlankCAYpaUxFZVrQ.medium.jpg
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d11c568b3c68fa7093b315043674672e0400cb76973eab9162517b27c877713d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Wed, 27 Apr 2022 09:20:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +w/TD4YlDtRYmj6h55tlfQ==
ETag: 0x8DA282F1EF3F223
Content-Type: application/octet-stream
x-ms-request-id: 56ddce8e-c01e-0079-3058-dac195000000
x-ms-version: 2009-09-19
Content-Length: 27372

GET
H/1.1 200
OK 100dc5f9-05ab-4c73-abee-dd432e67ca6c.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 114 KB
115 KB 164ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/100dc5f9-05ab-4c73-abee-dd432e67ca6c.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d0ed30851cf1f84b900e4f1fb2d9616c940ca29ea9779616a09b1270b65f0544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 18 Oct 2013 01:18:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: g8DhRN0fWhxkrxKPigNP7g==
ETag: 0x8D099B7233B038A
Content-Type: image/png
x-ms-request-id: 56ddcee3-c01e-0079-7b58-dac195000000
x-ms-version: 2009-09-19
Content-Length: 116888

GET
H/1.1 200
OK eefd816b-84ec-4764-ad70-5b0dd5375c2b.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 10 KB
10 KB 163ms
163ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/eefd816b-84ec-4764-ad70-5b0dd5375c2b.medium.PNG
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 440a6dd31311ef10c10763ebf4580c89c23529eb17d37dc88cf5f58ed10f535f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Sat, 01 Dec 2018 06:29:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Ec40IrAnL0CUWYu9GimKvA==
ETag: 0x8D6575667C338BC
Content-Type: image/png
x-ms-request-id: 52cf34af-d01e-0065-0d58-da93f5000000
x-ms-version: 2009-09-19
Content-Length: 10186

GET
H/1.1 200
OK c70c4a0d-6aa3-4a4a-8ffa-b3c92a47f091.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 119 KB
120 KB 165ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c70c4a0d-6aa3-4a4a-8ffa-b3c92a47f091.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 11394b973a03416f8406ef9e56a68f33c9c2ddf5a48c84102ff82f0192fb02ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:36 GMT
Last-Modified: Fri, 18 Oct 2013 10:46:36 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: /+e8MKZ28ZsGqVTMmNTRLQ==
ETag: 0x8D09A0673E2F59A
Content-Type: image/png
x-ms-request-id: 52b7a435-401e-0005-7a58-daef6a000000
x-ms-version: 2009-09-19
Content-Length: 122181

GET
H/1.1 200
OK acf899f9-3d8d-4a04-8c41-152b3bb6d213.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 114 KB
115 KB 165ms
165ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/acf899f9-3d8d-4a04-8c41-152b3bb6d213.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d5bfc9b31ba66a07163fedf9192da0282a1c13e550910a5c8b2957b657911df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Sun, 21 Sep 2014 08:07:05 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: eqxntHq/oc+w9tVd1lrOxw==
ETag: 0x8D1A38A2AF92AF7
Content-Type: image/png
x-ms-request-id: a33610d8-401e-0077-6258-dae825000000
x-ms-version: 2009-09-19
Content-Length: 117124

GET
H/1.1 200
OK 3c30bcb0-9261-4a5c-b136-39cc059e87e5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 15 KB
16 KB 163ms
163ms Image
image/jpeg 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3c30bcb0-9261-4a5c-b136-39cc059e87e5.medium.JPG
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7dff6b7dac08052ce77c747c6aa25b16d5466915f3d0c144b7b6ad9c517a8162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Tue, 30 Aug 2022 20:52:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dZ2mMxWLk31uYwC5aKUh6Q==
ETag: 0x8DA8AC9904E5AD4
Content-Type: image/jpeg
x-ms-request-id: 07ee8a16-b01e-0011-5458-daa705000000
x-ms-version: 2009-09-19
Content-Length: 15846

GET
H/1.1 200
OK a0a536eb-06f4-423e-843f-9629f896af22.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 119 KB
119 KB 164ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a0a536eb-06f4-423e-843f-9629f896af22.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a339a0ba473de39e1703b823b8f38481e9cb5ae87ce52d851f5ca28a8c1f3ceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 18 Oct 2013 00:08:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SMbDyBqWTVmHOhvEbKJ0Sw==
ETag: 0x8D099AD41783E08
Content-Type: image/png
x-ms-request-id: 52cf34eb-d01e-0065-4558-da93f5000000
x-ms-version: 2009-09-19
Content-Length: 121755

GET
H/1.1 200
OK 5330dd02-b1ab-4ead-9f6c-9fc70868d3d0.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 122 KB
122 KB 164ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5330dd02-b1ab-4ead-9f6c-9fc70868d3d0.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 66f44ab59e0e9697da0257cacfe11d681ee522d918e6d7b385f965b65c89b4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 18 Oct 2013 01:13:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MmL1yRMAOjOqyPprW3kxlQ==
ETag: 0x8D099B6581BA4AD
Content-Type: image/png
x-ms-request-id: 56ddcf73-c01e-0079-7b58-dac195000000
x-ms-version: 2009-09-19
Content-Length: 125020

GET
H/1.1 200
OK iH_KlULCmU-Cwtpn-pMkjA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 16 KB
16 KB 164ms
164ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/iH_KlULCmU-Cwtpn-pMkjA.medium.jpg
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e260e89667ff4949eaaf84b8beff91ff1a1bb5cb56588adad7efabe9d59230d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Thu, 05 May 2022 16:28:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: fzdZGQWQeSQg3mT7kAXpjA==
ETag: 0x8DA2EB43F97DEFF
Content-Type: application/octet-stream
x-ms-request-id: 49a4301a-701e-0053-0358-da1e85000000
x-ms-version: 2009-09-19
Content-Length: 15874

GET
H/1.1 200
OK lVHq3C6duE6pl9SiSt1AlA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 43 KB
44 KB 165ms
165ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/lVHq3C6duE6pl9SiSt1AlA.medium.jpg
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ff5b4c5c3af5d16072ae13c7340df4b287600a90174c77e147041c0fac31ba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Tue, 21 Jun 2022 05:50:33 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: llMhA3+Zty8JwpeHnf+HzA==
ETag: 0x8DA5349F53E350B
Content-Type: application/octet-stream
x-ms-request-id: 07ee8a5e-b01e-0011-1a58-daa705000000
x-ms-version: 2009-09-19
Content-Length: 44213

GET
H/1.1 200
OK 9f80659b-ca24-4b21-bc3b-0bfece3dbf88.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 122 KB
122 KB 164ms
164ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/9f80659b-ca24-4b21-bc3b-0bfece3dbf88.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f05f8266ff9aca5933fb3f21379435e99b76e704c772c828e5e129b09ad119c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 18 Oct 2013 01:46:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: a1RxFRc7MgS0YGWBZpgTpA==
ETag: 0x8D099BAF5EA19FD
Content-Type: image/png
x-ms-request-id: 52b7a484-401e-0005-4258-daef6a000000
x-ms-version: 2009-09-19
Content-Length: 124488

GET
H/1.1 200
OK MPMue-9KVUSoC_Ed3tuu_A.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 199 KB
199 KB 165ms
165ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/MPMue-9KVUSoC_Ed3tuu_A.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71667cd92eaf983e6b583c3295b21b538429e47c1afc524b585c6d3a2662b7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 30 Sep 2022 02:29:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: IIqGUiQ7OhLS5jklxSRhXQ==
ETag: 0x8DAA28B8AF093DD
Content-Type: application/octet-stream
x-ms-request-id: a3361164-401e-0077-6558-dae825000000
x-ms-version: 2009-09-19
Content-Length: 203339

GET
H/1.1 200
OK 8c730a9c-061c-4b5f-8bdf-82f877bf6eee.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 54 KB
55 KB 163ms
163ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8c730a9c-061c-4b5f-8bdf-82f877bf6eee.medium.png
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0be45014aef8607a3529120ae6e8e58dc010ff02edfed411afe8d73395f9baf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Fri, 18 Oct 2013 10:49:57 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: emoZVljH69wH7rGGqI3OwQ==
ETag: 0x8D09A06EBBCBCFA
Content-Type: image/png
x-ms-request-id: 56ddcfd9-c01e-0079-5458-dac195000000
x-ms-version: 2009-09-19
Content-Length: 55748

GET
H/1.1 200
OK KApQZwMPV0iRV0mhFPYADw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 23 KB
23 KB 165ms
165ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/KApQZwMPV0iRV0mhFPYADw.medium.jpg
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1f7e0e0b3e4d94a9cc4e5e3c0859fa43e6c0cf585db9f2ac7bcd5c67a8435b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Wed, 25 May 2022 02:22:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: HvwEzhD3XSmjyDx1mEqMKw==
ETag: 0x8DA3DF55D73EFAE
Content-Type: application/octet-stream
x-ms-request-id: 49a43059-701e-0053-3e58-da1e85000000
x-ms-version: 2009-09-19
Content-Length: 23237

GET
H2 200 masonry.pkgd.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 5636 23 KB
7 KB 106ms
106ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2016 21:28:54 GMT
server: Apache
age: 394
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111181 349082502
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7034
expires: Fri, 21 Oct 2022 14:18:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A76 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttpdGhAV7TV8cxE8x8btmNr-8MQ3I9fd6Ruvws3cXRN9a7kimox0KOEMhYkRCV7Wa2q3NoYu_JazBg2xvdWH_kSzx7D1Yyw4E-_XRC4Q6_pt8NieiP1UF8Ue_O7Jv1jb5juD-Uv3LyxFMxxaK8e27bNMSk4mjrK9je64Tp8RxUctQg4oDs-CzBk6tbARzZQd9H3Eos-Qft1ZR-m4dRweNaaTWhSorH5hjwrhDRou_QtZ0ASPyqA3q2eKxIFXzt1yS9wAx1ZGRITlXZXVf1os31PwKfmplw7pFQtr5elsuAsEHYzM8MTyiJtJJfYKjJ6Czu8zIpLgQyS7Liph3jQEstumtSUF4bHSUM6vCzPg&sai=AMfl-YTmXTVPYh-UeRzFo096wuLHK28DHkqBBAps172rdnUw4MOG0N-NLPl1wgpHntkQXdYSH83YAcSNZMHb5XZQqOsqMHFcsmTkMdBujF12huEzwpRF_rsz6t981LOdOJBUcpFC&sig=Cg0ArKJSzBSrnEUksriyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/ Frame 1A76 8 KB
2 KB 125ms
124ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648020d63cb5cdaf56ba54fcbc03fcab9edeaeba50c2fd630ef777fe715a6441

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 14:24:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6216438f-1e51"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d25e9a5bb71-FRA
expires: Wed, 01 Mar 2023 20:05:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A76 142 KB
45 KB 228ms
112ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 091E 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7l7dKmlomZIBERwvPGDcjp_-qL95myv8AG5eu0Dlio6vaC2PuVqidI4ZkeI7fBc7nIN5nm3BZPTUjS_6se90a1joVz_OQefaCGtDT_xMxiqR7gV38dPZK6dGwK2WmDV1RclmFgxWaFUwhbDmsC4IVbdun36k_a7jJRRP14d-EnouTE1tAyR5DZT8S-N7YhXzG2oC1w5JmWPct4dq-NdejcsXfWgyLmXEIPYE9sy60J96OlHCiweyBoLW1BOJipO7Dzb3yt2KusI6ADYBXmjjPZd55ucGPkPNU-Z_QIjnWinJ09TNoWl00U0MrN5Vi4rsNj6EIYLvTxdBO31okN5pNMEwlW7p3xb0dJg&sai=AMfl-YT2UGCBHr7DsD7PdC5K8h4X5hV6yCCBYOJakxzAEPJ97NF1f9momLoHdN-OIqQpX5MsyPN1-N4dabhJXFOQm-Wm3wj-3a4stjtxMpTDvsKsGUp4MCRljVJ1i2MoibnzT-gw&sig=Cg0ArKJSzEw5-MdQrrATEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 091E 23 KB
10 KB 141ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 091E 3 KB
1 KB 255ms
152ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:24:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 091E 0
0 148ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAFYO3z-_7dva9fbOs6nWIwNPhCl2-frhv02readV_nVKEyO89eJMOMbtyc-FH1KgFzs6BYtrJBA2fpu5bshNjDEB_Tg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 091E 142 KB
44 KB 327ms
225ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 15737215171233048115
tpc.googlesyndication.com/simgad/ Frame 091E 12 KB
12 KB 164ms
115ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15737215171233048115

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de982c092a4718616dc90f1c33836676cf98479a5208980eabbb5c0449f80c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:56:46 GMT
x-content-type-options: nosniff
age: 343670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12228
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 16:50:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 14:56:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C443 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9goOb68fSgQsn8OAXj0RBNizzH1S3TolH6-YcDRC9Sj_PBySIqxIhGA0QTT_-eKUOa2RmpMik3C75QjeggrXqDfR7E7cOvw0CJQQ1xh67pJbmeXFk6WW6oOSt6jmZiH6P-nflpuZOLbWjnwWYSgAPjJLR43smOD-X7dy4-sJ3k0Hct9A7Tvl1PFwy6EKPeVlIDWB1WtBpoP0yVGFw6NBjMKDkI7nhHJi4PRjPFvcC23WW9xkQ2DkU7uHW92CtUu9msMVNdItmI0CCEP2L0pN4DWnOjdEZBgFkjJKhTlAh3WePY2yzFc16ANq_XZH3SxD-EjAcQ2-yOIdK6wBY9MmILhOx24tMC8qg0g&sai=AMfl-YRHadE75lq4zsywV_poOEXweTSvteT9OBYV5eRCuWJqQcuzupFkQOuIAHsJTGQBbe-DkumzoGfwGhOjJP6nHgHwUIU_cpwH91U7BEhuXbPZUsQUibprMiKoYn_2KDfo2lN7&sig=Cg0ArKJSzJHYYZZGiCNBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame C443 23 KB
9 KB 134ms
44ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:24:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C443 3 KB
1 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:20:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C443 0
0 135ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHpYPVLKc-tewjxTVOaO2kv0qM7ycAGCbB3k1xzfATaf3NUsSC35xHHy2aaQW7PK0EJA89rgupi80xebbOgGVdQQTyHA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C443 142 KB
44 KB 199ms
199ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 10702233540133056615
tpc.googlesyndication.com/simgad/ Frame C443 8 KB
8 KB 160ms
112ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10702233540133056615

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85c8b9e92856fa6ac6a44d2c4d49e00a2048b1155822be7d0343a2d793225cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:28:16 GMT
x-content-type-options: nosniff
age: 24980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8396
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 17:12:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:28:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78BA 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQyib6YDIAT5g4r5tau6TtUjwapElFjwivgrDLMEXseIuluTKl-1ZMNnSMfZnpcDfhdbtcF-fjw2M29qDNHtDiyrDdhRq-Cbecy2Pjbcf7gvTQNAmRvj944udBYKpiCCKoWFdSxFpw2_stPiIa07TEWY0-UGZ6ngu3zXcD68KCl0Qmi6UM0SPAFldlw4dQF7_aPKfpRogL4u58U2p_Z5-NMKDY_zbW0Pwg8lSprlWeceRIyqyT4rYZ_OeaTtxp3d3iNT4f3HcPC5Am_lGUBu8kXBO4BKHjrm2EDFpswIAFCqKgriR2eqcQ90EmMSlyLPsXS0mnYmDIkDCgLofoKGNvDgg9tMU_Gyeh3k3nOw&sai=AMfl-YQjVpTUrlb0crpJOWKB_7n0ESSdJ5o09005rfKemGdMzc3XHNv-I4-sqzDVkdGz37M3A75ZP30AE9A5LLDP07nkXAPxftV6168o42A_CbNbrd7UYZ6H7QiAaXC-C7iiwb2T&sig=Cg0ArKJSzIj1v9h8THBeEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 78BA 23 KB
9 KB 131ms
52ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:24:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 78BA 3 KB
1 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:20:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 78BA 0
0 135ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTibbbVBtsONMd_DCpEzr-rJ1WA-_zTfp5BUuG0aIUn38kN99yDbfdp36DWIWasE3hG3MZ2SC56mC-HkRq6iMD_poEVjQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78BA 142 KB
44 KB 161ms
161ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 7276915537275025438
tpc.googlesyndication.com/simgad/ Frame 78BA 46 KB
46 KB 171ms
123ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7276915537275025438

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5996c9d7e412cc74537086b0208baa1513eea21c576a8442832f621ec1e14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:16:25 GMT
x-content-type-options: nosniff
age: 7691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46752
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 18:30:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 12:16:25 GMT

GET
H3 200 container.html Show response
d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5B8 6 KB
3 KB 120ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 14:24:36 GMT
expires: Sat, 07 Oct 2023 14:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C79 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_K9Ix-LT4UqnwFbeO-YqQfYTjXclciaf5gE3atPXvNNihjCVNHvp43XppYfrKoMa4BuCNs3jdpm-8ss8-NRIIG08PxGINhWV5y7NYKYaMM4JAGQH9V68oZYRNt5sfyIDg4GFWOSoJGvWDQt0ClkRU2UHSlyYGjvxe1679doPd8fFTAhDCWft5Vuazv1CQlbCRQkZjQyyCZPcNiH1fh2b5O6nEZMQw8qjNnYu6927iGd6O0rYq1hR0g6ENb5dUHN0B17t9SI0vVfvBwbJyZFGEJcY6HPM94nHYoyMnHPj8-jU0I5236VuQUA7m7gcgmC6fclJ5Y-gi23WnIaVsD-2jTMCP1nHU3t4HYQ&sai=AMfl-YSIEpdgSntu35QyRTMupFl0I8jFMDPic0Cz5wDIHdQIdidxLyXko-PS9xKU11jiRGlDfwYf9ujvh2DRZsbdM88rv0-v-cL3Xs0WxFCycyByzb6-F2H1iOGNpdp9ojjmMzV5&sig=Cg0ArKJSzKyj1yCSSOsxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 8C79 23 KB
9 KB 137ms
77ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:24:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8C79 3 KB
1 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 14:20:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C79 0
0 134ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkX-t6gZ5wj0jTesnBsI6zTAHnfBl9_nJ6Pgje8HoevHhrgAY4heCrJEOhyQfrfUS0_WSuZDP9szFOzyTX89dW30TMbg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C79 142 KB
44 KB 183ms
183ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H2 200 12535034211520578296
tpc.googlesyndication.com/simgad/ Frame 8C79 55 KB
56 KB 133ms
85ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12535034211520578296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd714a1cd28004a00a07853ff46c04b21e1912c766992670b3bee9bc55cf7f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:38:36 GMT
x-content-type-options: nosniff
age: 6360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56661
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 20:38:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 12:38:36 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 55ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2621936-1&cid=718849610.1665152676&jid=462580601&gjid=296302053&_gid=1992365645.1665152676&_u=QCHAAUABAAQCAGAAIAB~&z=1040051567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Oct 2022 14:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 friends2follow_infinitescroll_and_share_follow.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 356E 24 KB
13 KB 107ms
106ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/5/0/12/140/1/1/1/0/0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 356
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1666278828 1666252882
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 13249
expires: Fri, 21 Oct 2022 14:18:41 GMT

GET
H2 200 607.css
wvcarfinder.com/fledit/get/barkerweb/ Frame B88C 141 KB
12 KB 115ms
112ms Stylesheet
text/css 44.194.179.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wvcarfinder.com/fledit/get/barkerweb/607.css?minify=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.179.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-179-148.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 055db483073be6887312fe46ebb4f63749e59bbb14096b98396cc8544240de62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
content-length: 12009
vary: Accept-Encoding
content-type: text/css;charset=UTF-8

GET
H3 200 css
fonts.googleapis.com/ Frame B88C 27 KB
1 KB 56ms
53ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:800|Open+Sans:800,800i,300,500,600,700|Roboto:300,400,500,600,700,900

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10711b755c9a6641092bc38136dd7304c15eed5d68fe549fff987de7f677efed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 14:24:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 14:24:36 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame B88C 30 KB
6 KB 49ms
25ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2206559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9nxtiY8IKGvqgmO%2Fk2vHYcO3726Pl961vJaQ0rRcHL2RBRuO0aDvbWh%2BB5wsJ0KvZBciXr3ZtoYmjcshd2SEeFrVAKRMSXA7EWISOOFYJmjCxihFBDyoMNxuUsZld6DI1CQIdhDh5SR0VBfylmt89db"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75674d269b7c9a1d-FRA
expires: Wed, 27 Sep 2023 14:24:36 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 110ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.herald-dispatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 329642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:34 GMT

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 340ms
105ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 340ms
105ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 340ms
106ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 339ms
106ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 481 B
597 B 244ms
242ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: f59129e6871b99bd502df0cc620a0c96e79c84c082b33beb4db5e3119ddd721d

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
content-length: 481
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 459 B
575 B 243ms
242ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: 0be265d6b4f56c3d40ec47e234043900942a76bc20dc72648c797bedfe7d4e61

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
content-length: 459
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 481 B
597 B 242ms
241ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: b46b33c3e5937f84a5aa5fe2abdf71b117ad979b98e8e98d1cf56ecc09e4a8bf

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
content-length: 481
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 436 B
552 B 242ms
242ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: c98f28b7089f709fc35e5f39e0f729a29c8b342b8addf5e9fbfdc5726fed14eb

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:37 GMT
content-length: 436
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 img.8223863.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/ Frame B88C 19 KB
19 KB 178ms
149ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/img.8223863.jpg
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 599ca10e6383cbb88ef78198c3f06554e4311fab2c6c64ffd7aa574f28333faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 19 Oct 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Sun, 18 Sep 2022 22:38:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "ec9c565a0a5bb4f438a9710a8d2b4948"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 19434
x-amz-cf-id: sMTMJ1kOH2nNIwAge8IdS-IScZ9Ckd-oA5RNUPS72IbEWyJ0_KLq_A==

GET
H2 200 img.18404220.588x0.0.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/ Frame B88C 40 KB
41 KB 173ms
150ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/img.18404220.588x0.0.jpg
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2226bb923563d3d7508085496671e90443211a38c8b82ff865bf74e35c245b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 07 Nov 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Fri, 07 Oct 2022 06:27:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "d7da4b90b0ca9b2e89ebe2f81b7f3973"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 41299
x-amz-cf-id: StpDttX5JroOyNHgmTWv_raZR_a5UTE83EjU4qcQfumv8lxIz8c9pg==

GET
H2 200 img.18404178.588x0.0.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/ Frame B88C 41 KB
41 KB 175ms
152ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/img.18404178.588x0.0.jpg
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/i/?id=607&e=1&size=300x600C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b09d740d2214a9ac8f6ae016291ce7ee88feb0adf10d788615032edae2a4929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 07 Nov 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Fri, 07 Oct 2022 06:29:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "b0072c2b1f21ccf3d40cc57d69bec7f5"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 41891
x-amz-cf-id: 04HYytzIChe-oZ3RJhTSIOVS1DCvUc3yleaS_PlnmdYeKI47469sbg==

GET
H2 200 friends2follow_infinitescroll_and_share_follow.min.js Show response
heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 5636 24 KB
13 KB 106ms
105ms XHR
application/javascript 35.175.7.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.7.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-7-63.compute-1.amazonaws.com

Software

Apache /

Resource Hash

479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://heralddispatch.friends2follow.com/f2f/widget/html/socialstack/all/0/12/140/1/1/1/9/9/1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 356
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 349111199 349085219
via: 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 13249
expires: Fri, 21 Oct 2022 14:18:40 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 356E 97 KB
29 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:36 GMT
Content-Encoding: gzip
Age: 1193
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67D3)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 356E 52 KB
21 KB 145ms
55ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "95a07626e083cec6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 7ms
7ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:13:51 GMT
x-amz-version-id: Av4L57knpBWVXQ2LY3wI0QazLgotJtGS
content-encoding: br
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1487446
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 04:11:19 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: jiFJytJGFN8qs4BtYzkHZF8MGSEmoG4EAj3LCbLdKmJri44CRq-xRw==

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 43ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1262839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmWqNKzZW8qHIOYBzhYMYJgFGXQj4HvzWak6TkuVMs0wYhhw6Ls%2BLFY95RuBLE5pOMcXP6RfEMHJu%2BvKXYsYI%2BrGJig%2F85hZ3FRe7MrtsZbwABsFpGkpPFmGvtTDAcEiWUUaEyaQo7MslIjdXfbeeOVF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75674d272c839a1d-FRA
expires: Wed, 27 Sep 2023 14:24:37 GMT

GET
H3

200

13495212211061845771
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCEr-bQVhABGAEyCM-R4PJsyDmc
https://tpc.googlesyndication.com/simgad/13495212211061845771

414 KB
414 KB

177ms
177ms

Image
image/jpeg

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13495212211061845771

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eea73ad51169099b27212976dc7467f9a3ecd99124b1bfa27312219547f519e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 423931
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:33:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 14:24:37 GMT

Redirect headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/13495212211061845771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Nov 2022 14:24:37 GMT

GET
H3

200

9965562390043455076
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCEr4bAXxABGAEyCCmx6kL34IPv
https://tpc.googlesyndication.com/simgad/9965562390043455076

152 KB
152 KB

109ms
107ms

Image
image/jpeg

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9965562390043455076

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fdd6273931c0d28ac4f408232d6e48505fda7190258adde037916a1ea43190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155729
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:31:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 14:24:37 GMT

Redirect headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/9965562390043455076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Nov 2022 14:24:37 GMT

GET
DATA 200
OK truncated
/ Frame 091E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8d8f430447d8917f09bca2506e7f26ea5fe84eba119f3891fd63d7a1fbfc93f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C443 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f4f9da9bb4594f1885e129c64daf45143c90a381c759ceacd3dc9d522788c98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 78BA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 092bf264427d9dab1217b59d6d83919776d732bd6ab2f5c58da0b2fecc4aaec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8C79 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9b7a493299b8df900abcf0b279c9a3bd9eb19a36382306d0ed3ca96533d06f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame DB47 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://heralddispatch.friends2follow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 663599
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Oct 2022 14:24:37 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D5B8 22 KB
7 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Oct 2023 09:55:30 GMT

GET
H2 200 ad.php Show response
g.adspeed.net/ Frame D5B8 265 B
481 B 75ms
23ms Script
application/x-javascript 5.79.106.138
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.adspeed.net/ad.php?do=js&zid=117083&oid=27064&wd=-1&ht=-1&target=_blank
Requested by: Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.106.138 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: d2.adspeed.us
Software: nginx /
Resource Hash: 01b72c5a1f5ef80a22c8b1802b3496cda49796e77ae72125b9e5e9ecbd0eee44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5B8 142 KB
44 KB 140ms
58ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DB47 851 B
434 B 119ms
119ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=18e954c0cca6f31dad842ed66de2f669d0f4f894

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 112
date: Fri, 07 Oct 2022 14:24:36 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 07 Oct 2022 14:24:37 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ff1ccb2f068007cf
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
content-length: 355

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A76 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVTmYpA2lU0qCspBncD2mBe12EvZUP1Er0P0b0_QUgpj7P3SrTXvUJiCCKh8GvwvAkuAArwcviEiF7p7C8zHN0K1107R6_Z_B6hSONZDazQOMq4pev1odxiDr2ata6Em9OwHjTfd_OmpAf3GcGMAOmNg2VnFIuLi9sV6mjYuKsEc8y-Acq447TWxi1d9KNoX5syNJeIBeS63g2EHvSQ5shFCs4yaYl4igkx_u2O5Vxy1_ng-9_S9sGSQvmRbcmrK0jkH_pgOfTcL-p_9njVCzb3mA8zdwYsg2Y9mMwgHxhWeBudwKUtAoGzUg-amIc4H_YrevB_LaNodxqtxT9xFrTWcSfzlC8QSJDWK5skExb&sai=AMfl-YSl9kfxJnIDrcxeCXi_3mc9BCqhSLQGIox0ndLJ3luyW5hqZRrufc3Z_N1wxsPM4hJStdYm7zsY7XNSUzGyRv8HVCzPwTRh7sfzh-HxFBT_rvdhZt9R2lHglBXx-lWT1zW_&sig=Cg0ArKJSzH8kVNkeYlBiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 5636 97 KB
29 KB 9ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 873
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/674B)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 5636 52 KB
20 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "95a07626e083cec6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H/1.1 200
OK runtime-eb61dff4a84b8f906e6b.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 4 KB
3 KB 8ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 3a150c237161cd43b61b31a2b1c10071a92d635e420f890ced97a3dedfc5cebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2101
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/6738)
Etag: "9e24908c04f34a86015898eca0fccd4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.c7def0268c66f6a548ed.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 286 KB
94 KB 17ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 95749
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
Server: ECS (frb/67BC)
Etag: "51acddf0dbfab928b183f36c1ee67619+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-e9db78f5e7b3d83edd5e.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 90 B
654 B 27ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/673A)
Age: 663599
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
x-tw-cdn: VZ
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges: bytes
Content-Length: 90

GET
H/1.1 200
OK _app-446fb4a338b215deec8c.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame 49E5 1 KB
1 KB 28ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 668
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/6762)
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5Bslug%5D-0cd847ce6302e08e0c0b.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-list/screen-name/%5BscreenName%5D/slug/ Frame 49E5 13 KB
2 KB 29ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-list/screen-name/%5BscreenName%5D/slug/%5Bslug%5D-0cd847ce6302e08e0c0b.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: a7f1cbd06cc15a985912b51fc00385e901908c6dc85cc2622bab2430f366d847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 1296
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/67D3)
Etag: "6e07e7a1fb134f7ef2a61330cf9deba3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/ Frame 49E5 1 KB
1009 B 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 414
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/673A)
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/ Frame 49E5 76 B
640 B 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/673A)
Age: 663599
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
x-tw-cdn: VZ
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges: bytes
Content-Length: 76

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78BA 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveA-qr1PKshDu_mghPDr10vDNWPbtGgi1hcR6FeEUC2LD_61cbm9zCvxex5Ooq4QvXYoIyoq8--05WNp8GDNLrtjOfYcGW2epXfI17YzCObEmvAl993WnPkPPc_QqJgE7x__9T3oh0mbgYXoVxJ7zllfaxZU_6sEgIAL6WMjhAiKFk33Exy5aynAN0Car5TyQSmQpVk3fBVFRV7SJwseXnf942sM_fUTn520aioAKJj7SxrknCTLQ3WwBkcl8Lj7PyMTbrqNZHu0eI1CJVYhOo2Q6vI8iDmZphB7BFtDme1Dr-7KrBuAgvHHGTdxmVHZTOj4b0yIwJqbIcUHyv049yOz3lVyp5Mlw9tilGInQ_&sai=AMfl-YQ9-FrGuB92wCw5ZNMvigGNqyXxlh1SK5G38r7mE1CYXUFH8XsPIgCCmY1fWnH8LyvMT6PCZhnmN025_o7aS6N73Vhup795-GofCIuM7_8LF2z5MfwCkuN93rbLZmDrbWgI&sig=Cg0ArKJSzJur7QjGt967EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C79 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0kbQEw9MhJd4U1mimddF-F9bD7WSA8TPhPFY3lHfyNA74q0r7LSqMqYNhokCdmZG7DC2s529UJmtAyipu1Mu5ZokGGQs1zEii9LCdz66q7lhMxDmlkSGZj973snamii0Hc_x93LTEhsZUm9idJa43zogG_1W43La6W5ZV6RML6oi33y-PCet5ziz9wMCj6JEfQsr3ZJMrbs8BuyR6pIULdIV7sEhz7Lcs7yVtJjJW_CGA82sx61Yf-F50J02xIedbvngqlLWatILt_ceP5Qjg4AECWFJ6P1LQjzx_W9eg2YTMcrDVYwgPg9BiOlcJTnxjMhM4nKqm-vs23hMLfGk0ix1Id0Sq4d5JFL9K&sai=AMfl-YRIK12Ex53_0UkItRr24fIwIBlfTdvhhIbQiNU1REeV_EVVmEjwUgV_2sCuuWZQmATTgVh_iJddhRBbPwVvk8kHuOIUwoBGRqGPmnQ720qXMexd8AvLNgcMC3rPpPFzp9ux&sig=Cg0ArKJSzBTus-G5Br4uEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C443 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthyh96ExFHMitygvaQ7jCNz4RvVWob0KZG1nDlDpFtIysXR9mvbbT5Eyzb9NOxdZ_Gts8tTjIzAGT_-94MP_HYrsMMyrLfPfrFZ9G-GmqrGOdEJe0YOJebWZb_ldmaZ4EvqNs3APhnY8rGUhRbin8H-IDoDPf6zXgPa2LaHhQgU2FyQwyH0BJOtr9m6R8jukKh5iyEPDn_kVD06zmDyZzI6OFdtl2F5gQ4TTWHMDVZ3AllLjmC93mN2YjpVjnI_yTwF7SMJzGHLLofme1dqP1y92erbBr2K1KP3Q19dXnHGlKP0xoPoz9YNlgTGrxx1eMY90pcZL3Aote99TnhEu4oo0Fv9rdpG32gF_ZO&sai=AMfl-YR_28KPfC1lUs6KxikYVSM-YJYCSpQHzAeCJipOUPaurgIGWSE7TtbcFdqAo0Bk-Z--hd91vleOjQgWUmEpmKZ9fcmWmi3MfzErtunVFw_9nbRfAvVTIB_YYkGw4dzxNuty&sig=Cg0ArKJSzIk3Zm3H4YuMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5B8 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwf7b5tAWNKlAWTe9khSMgMulRCky_lG4ucwZKJkAdXKPtPjSvWlxt2bdtnHw9njE8rCrxdG04nKo5AYHGZdIegkdr8Hu1J8t6XP7uc9HWXuS5KTR_1X_mTZCYKkX2dX5-nVP6liT_FBaA5gENV5T8HWeqmtJcKNhYRDWAGPKb6l4hTYK9crV2155GMcuhwMyn4yfjZ-6k_DNA3E8wEC95Ox6hngMNrqZmg8T5gvLrotaRIJzmDJdVe_0FBe0SPom7p1VcJBjTSYROn-uP36D4iDoa3hu2XgHEA3tUajZ9fT739SSx8Qdjy9uxlfnQ6OuJkUEtnlcZIAfCtMzTp9PvQxYlgJ9ovIUkQRbstA&sai=AMfl-YThVkYctlAEwSOs03hL2GeXg5EAxyj2cet8mTfAM9YYbltKKEnby0vBSTsOnUR6poGKTqfIiYufqs-Q8Pyh2CNkZ9YDBXgfp-ImalB4O4_R-u96GHwjxEpROfXe--sbDwOy&sig=Cg0ArKJSzNQert-2Lw4pEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ad.php Show response
g.adspeed.net/ Frame D5B8 1 KB
926 B 27ms
26ms Script
application/x-javascript 5.79.106.138
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.adspeed.net/ad.php?do=js&zid=117083&oid=27064&wd=-1&ht=-1&target=_blank&cb=0.4294978435230892&ref=https%3A//www.herald-dispatch.com/&uri=https%3A//d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: g.adspeed.net
URL: https://g.adspeed.net/ad.php?do=js&zid=117083&oid=27064&wd=-1&ht=-1&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.106.138 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: d2.adspeed.us
Software: nginx /
Resource Hash: b071a8b86088c7b4356afc6adf4c479b9043b17814cb7e21fc9fc3fac7b61dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 091E 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVYbMH6cqwHkrASmRRwsYElOD8Iy8Es-w-vjtePkFjkW_vA0PKCZiheUpqgPjfpiByE-5se0dSIvP7Cx27QuSPQsOrOqrJq_Udy0b48ky8D5LpGpoikkV1kl2ZmZT9vIP9C_ZToZte_blwbypf8oHJfvWRa8gXH66FnDcJ988OVCdJLt4eub0S8rx6HDgrE2S4jTN674LQM3fIi-NV98JBnBoy1_H08CxpCWu233OVfl4Srk-BPfx01FP-mDSLDuNtLyRYbX0QbsKWXMwOurJ981bS-njgH48oUyIW3gi8rG125NGIb-A2jOj_9LFGRcQI0RKP04kLGgPwOzl19vZFmzIaO81-hJ2URVgC&sai=AMfl-YTKQiJUNTKhPTpSnIqSzHwXXJUf4NSNR-ZI4pjXfE9g2LR4oDkJ7_aQeZYDkn8281umTk50V-mwDFbBlyHLOr8Gxowb3YqS2EKx2J8aaAJVzoDyoAG4iNmpoomy1uKhhA3N&sig=Cg0ArKJSzCFZCE1fiKr-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:37 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 63F4 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://heralddispatch.friends2follow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 663599
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Oct 2022 14:24:37 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 2022-1007-410M-JPA_MM_300x250_FINAL.jpeg
adserver.paywallproject.com/wp-content/uploads/2022/10/ Frame D5B8 123 KB
124 KB 200ms
129ms Image
image/jpeg 2606:4700:3031::ac43:bced
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.paywallproject.com/wp-content/uploads/2022/10/2022-1007-410M-JPA_MM_300x250_FINAL.jpeg
Requested by: Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bced , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8d95dde9afb60ca105959320eca5e5fbba99d8b1324bdd44b0602a39757064e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 15:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1edd3-5ea5f4fd00fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHCGvmkAKBPe%2FivelneUV9WV8h2nc%2B0aDd5DeulegyG8826z2xs7OFp0HGl9F2yeWMLD2BSNL3r7ujpc%2FTbN3FOwlnPHFLj9ThQq0VFarPlnexIesoiqRgWCFw1XcuRAVRExGqkCREK3eEpFGp3%2BegAIHLa6SUYeFjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75674d297f8e9188-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126419

GET
H2 200 ad.php
g.adspeed.net/ Frame D5B8 43 B
253 B 23ms
22ms Image
image/gif 5.79.106.138
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.adspeed.net/ad.php?do=imp&aid=889807&zid=117083&t=1665152677&auth=31671f26a372ca86038faf1c0c71bdb4&oid=27064&wd=-1&ht=-1&ref=https%3A%2F%2Fwww.herald-dispatch.com%2F&uri=https%3A%2F%2Fd987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html
Requested by: Host: d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
URL: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.106.138 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: d2.adspeed.us
Software: nginx /
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 07 Oct 2022 14:24:37 GMT
cache-control: max-age=315360000
server: nginx
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 356E 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 barkerweb-607-300x600C_BG_image.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/fledit/res/ Frame B88C 30 KB
30 KB 229ms
228ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/fledit/res/barkerweb-607-300x600C_BG_image.jpg?a
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/fledit/get/barkerweb/607.css?minify=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ddc33e5425c89844fb73f03bb54dc984337a9cbd686d582b85745dd9afe973f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Mon, 19 Sep 2022 19:40:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "6d476c0210da216d3c8cd994f9ac0418"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 30460
x-amz-cf-id: IEGg5suxdIPhPJqp6KRddH09wzuWL60LZrYnkuJItOGrHjCGNeDXTw==

GET
DATA 200
OK truncated
/ Frame 5636 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 63F4 851 B
434 B 111ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fe10156a0ce8fd84532a1f4194a0565fee618982

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fheralddispatch.friends2follow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 07 Oct 2022 14:24:37 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: c0003de665e94a60
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
content-length: 355

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 23 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 7674
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 13.c59196c8bf52e5067fc1.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 37 KB
12 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/13.c59196c8bf52e5067fc1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 6c7f5405e44d0dea73703263cedfb13d81aa8dc977ce7e37c48e7317a4aebe40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 11906
Last-Modified: Wed, 28 Sep 2022 17:24:14 GMT
Server: ECS (frb/6712)
Etag: "de98c79c5c494d83f73eec4364ac6fd3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
DATA 200
OK truncated
/ Frame D5B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1b80b86e839505fd0918d24a8a29f699b59214a2f87a35ea281380fa3c14788

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 0.8f205dbb7b06b224e307.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 595 KB
183 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 186671
Last-Modified: Wed, 28 Sep 2022 17:24:16 GMT
Server: ECS (frb/6763)
Etag: "11f6449263029b9f59f18afa52cc99ed+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.d976cf0cb2521083131e.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 1 MB
295 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: b7cc0f4e39d9f408a49d78af9ef8423e920134f0c2aafff5751360b47bd3239d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 301526
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/6793)
Etag: "68700f8862593047761c23e5253a8686+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.a8d5f576a453e51b8955.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 4 KB
2 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.a8d5f576a453e51b8955.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 118d1190b4f56760689165db9847f3435e14a8b6b5c69a24f2f3430a3538b41f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 1565
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/67F2)
Etag: "b39841dd04e2e6fdbd9264ff66fb5aa1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 6 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: df0d77bff49f6ce8fcedd36c2bac801d98c148546ba6faaaaa25302a7f862faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2597
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
Server: ECS (frb/6752)
Etag: "deb1205c6e01f2720f75bbd978f5925b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js Show response
platform.twitter.com/_next/static/chunks/ Frame 49E5 148 KB
42 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:37 GMT
Content-Encoding: gzip
Age: 663599
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 41941
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
Server: ECS (frb/67BC)
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 like.3.json Show response
abs.twimg.com/sticky/animations/ Frame 49E5 19 KB
2 KB 97ms
7ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.3.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBD) /

Resource Hash

7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 2254444
x-ton-expected-size: 19835
x-cache: HIT
content-length: 1627
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Tue, 15 Feb 2022 21:43:54 GMT
server: ECAcc (frc/4CBD)
etag: "b9munHAdxNyPtNl2GaO2bw=="
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-connection-hash: b2416fb8c94532ef46b2069f2a8d4ab6aa32507f9132cb6f6efe61940801c5b3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 07 Oct 2023 14:24:37 GMT

GET
H2 200 1f60a.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 49E5 1 KB
739 B 69ms
21ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f60a.svg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:38 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 576
x-served-by: cache-fty21381-FTY, cache-hhn4057-HHN
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
etag: "b3W1jrdG0IwsGEUVc4dikg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 15 Jul 2022 07:51:19 GMT

GET
H2 200 1f5f3.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 49E5 1 KB
856 B 56ms
9ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f5f3.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a2775487813a34df116db062e7c42e41c98d0cd1f275738cb5a5f805ba00e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:37 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 500
x-served-by: cache-fty21329-FTY, cache-hhn4057-HHN
last-modified: Fri, 13 Sep 2019 20:59:41 GMT
etag: "/4WhquUK1IUG4ydWVnaOiQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 05 Apr 2023 06:50:01 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 49E5 43 B
118 B 116ms
115ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665152677905%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-list%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.herald-dispatch.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22heralddispatch%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%2Fslug%3Aheralddispatch%2Fhd-news-4%22%7D&dnt=1&session_id=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-list/screen-name/heralddispatch/slug/hd-news-4?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.herald-dispatch.com%2F&sessionId=1122c611835ed6df3fcd1ff6c818d7d9ac962cbc&showHeader=true&siteScreenName=heralddispatch&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 07 Oct 2022 14:24:37 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 07 Oct 2022 14:24:38 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 62817c282cda1792
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: fd77f4f118b7d5a743f27d3bc114020b56b38a16a8d0064a0a2ff220b22e0681
content-length: 43

GET
H/1.1 200
OK 92c4cfc662d3b16f542fa775681ad9579f9515442ff261158d75e39e6a69568d
friends2follow-us.s3.amazonaws.com/external-images/ Frame 356E 27 KB
27 KB 436ms
146ms Image
image/jpeg 52.217.90.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/92c4cfc662d3b16f542fa775681ad9579f9515442ff261158d75e39e6a69568d
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.90.204 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87098c7c585192c6162ddf685b1948217cb601795b90c6cc4f6d208b9c654f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:39 GMT
x-amz-expiration: expiry-date="Fri, 03 Feb 2023 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Wed, 05 Oct 2022 00:20:10 GMT
Server: AmazonS3
x-amz-request-id: JPY705Y8NX9CWHWP
ETag: "e3b0094f13d049e3ac2a2788792615f0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 27278
x-amz-id-2: D9duW+lhIWOsTSKEN7c2VE1wkwqHr/SUMhfgp206hz1PQeEXRZkMfepqsmCmV8ARw6XnjXIghE0=

GET
H/1.1 200
OK 23417ee2847f863a9eb4ad5908734861b8e8a0c81a901828f04c1a0283dba479
friends2follow-us.s3.amazonaws.com/external-images/ Frame 356E 7 KB
8 KB 424ms
134ms Image
image/jpeg 52.217.90.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/23417ee2847f863a9eb4ad5908734861b8e8a0c81a901828f04c1a0283dba479
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.90.204 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ecc563475d38c049fd6df5530379c5a04027e71cb23c48918733584f1cd3a78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:24:39 GMT
x-amz-expiration: expiry-date="Thu, 02 Feb 2023 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Tue, 04 Oct 2022 11:58:09 GMT
Server: AmazonS3
x-amz-request-id: JPYDNKBQYT802076
ETag: "79eb3876c0786afdcee57bd70ef7c650"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 7312
x-amz-id-2: rkH58/MuG5gYws2me1uvqFifwvpSz8kIuOPH8/jNrtyujOqWg369vNhxm4roPgfXpDl87aTAvnM=

GET
H2 200 X1DWXVof_normal.jpg
pbs.twimg.com/profile_images/636307644291133440/ Frame 49E5 2 KB
2 KB 29ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/636307644291133440/X1DWXVof_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

f8cef293d0a98fe45e2c252f26f1225799ed75c37e7746e99bdeaf6739ca4b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 243523
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1731
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/0 profile_images/636307644291133440
last-modified: Tue, 25 Aug 2015 22:40:19 GMT
server: ECS (frb/668A)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: d8c6645658f5a74f
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 319b74540df23ed02c8400dd1c0821de336ce984a420249c1abda43dc10d6762
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4540 0
117 B 135ms
118ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F418184251531752&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heralddispatch.friends2follow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Oct 2022 14:24:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 3bgFMOWH0gRUz9dWax+nbnP/e1f3Zv4PGLdyeOI87WJrePtBZAGgAtVt6lVXxuYfqSxPfxR5lDt/nnV/HddIpQ==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 9DE6 0
3 KB 56ms
40ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F1648105645259454&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heralddispatch.friends2follow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Oct 2022 14:24:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: Rz6DpbZ3IP8mdWan5ikUpyLXUGsROTfoAij9tfFdGDwV7eHBJFyvtD0COLCVXfg0OrYdjPTBNyMY1bvObIA9Sg==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B8D6 0
117 B 73ms
60ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F112485035462394&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: heralddispatch.friends2follow.com
URL: https://heralddispatch.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20221006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heralddispatch.friends2follow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Oct 2022 14:24:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 3GvFFkUgIN5hHp0yvp6AJSQnjl5NoOvTKCZiaJ0Psmmp6xS8vOp/dKiq0a/R+e4rDpkVeGb4UD7kjGheebymxg==
x-xss-protection: 0

GET
H2 200 49896535_2547376945279128_8828310512493133824_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/ Frame 5636 2 KB
2 KB 352ms
93ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/49896535_2547376945279128_8828310512493133824_n.jpg?stp=c426.589.667.667a_cp0_dst-jpg_s50x50&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=X6NBFF3Px14AX-U2kwp&_nc_ht=scontent-iad3-1.xx&edm=AOf6bZoEAAAA&oh=00_AT_FvQqCJ3FZ0RYd6TXR8bRiXWE-M46GH0wLUyd24zOYyQ&oe=63646EF6
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 281e4ecb4799d51d9d4516a16c38659e1f654375cd2c1feed64263986a9cbd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum: 4009949575
date: Fri, 07 Oct 2022 14:24:38 GMT
x-fb-trip-id: 1814657579
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 15 Jan 2019 22:26:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1817384640
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 816596291
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2129

GET
H2 200 310425488_544682717657706_520892774297837882_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 5636 73 KB
73 KB 361ms
103ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/310425488_544682717657706_520892774297837882_n.jpg?stp=dst-jpg_p480x480&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=dVBQvaLvHo4AX8RtlfN&_nc_ht=scontent-iad3-1.xx&edm=AKK4YLsEAAAA&oh=00_AT828IDolb5yzlQjN7ZoygMLiWbCi9NQ48ajFdAstz_2Rg&oe=6345A4F9
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 393d7b8e91be729c7f4ff5c33dd5722758fb1d302f537ef6b7887a168f9dbdba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum: 2234528516
date: Fri, 07 Oct 2022 14:24:38 GMT
x-fb-trip-id: 1814657579
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 06 Oct 2022 18:19:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=265677960
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2413380491
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 74647

GET
H2 200 307022847_525560579569920_8925206609841819415_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 5636 2 KB
2 KB 355ms
97ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/307022847_525560579569920_8925206609841819415_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AwviztNOUzEAX8Wuxz1&_nc_ht=scontent-iad3-1.xx&edm=AOf6bZoEAAAA&oh=00_AT_V7900aK8zY7ruS_rbZhSxy8ftg04on_6GgXKVujAzlA&oe=6344E795
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 69c8057039c53f1813b1505b4b7621a1927dfd99eb31e0ead011dd64214346bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heralddispatch.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum: 588142751
date: Fri, 07 Oct 2022 14:24:38 GMT
x-fb-trip-id: 1814657579
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 14 Sep 2022 22:12:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1473927357
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3717779538
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1738

GET
H2 200 beD4wzCB
pbs.twimg.com/card_img/1578369652849262593/ Frame 49E5 3 KB
3 KB 15ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578369652849262593/beD4wzCB?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

1d7387f3db398ba8c17df10332d3115130fe392079968a0ff728a0bd292d5ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 2919
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=10
content-length: 2881
x-response-time: 124
surrogate-key: card_img card_img/bucket/0 card_img/1578369652849262593
last-modified: Fri, 07 Oct 2022 12:58:24 GMT
server: ECS (frb/67C0)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 51d908fa5e64e5dc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 6c4442f2363a2d84388a3a05ad229393fd79eab59858c9f316f82ae4b6d5bcfd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DCToFlkx_normal.jpg
pbs.twimg.com/profile_images/1567682333687291906/ Frame 49E5 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1567682333687291906/DCToFlkx_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

222155fa4a159adbe01edc14ea86baf893689aaa8255afe788ec00d2052b0595

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 407529
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2035
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/2 profile_images/1567682333687291906
last-modified: Thu, 08 Sep 2022 01:10:49 GMT
server: ECS (frb/67F2)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 83d175d393bea3dd
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 44966f653b7909a24963043956df177f119f4e0f95b50c58c182c44baa916886
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 dB-qUEp1
pbs.twimg.com/card_img/1578339399661768705/ Frame 49E5 3 KB
3 KB 23ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578339399661768705/dB-qUEp1?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

3daf9de05d48dbbbb85059e72f970a2f11b49fe0622e2bf360b7a81106cc650c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 2919
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=9
content-length: 2894
x-response-time: 134
surrogate-key: card_img card_img/bucket/3 card_img/1578339399661768705
last-modified: Fri, 07 Oct 2022 10:58:11 GMT
server: ECS (frb/668A)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 628f27b4467cd790
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: fae9eb7024b23d989bd3aece711bbfd6ca83d2b74fe8d2065866a998cb39eff7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xsNxEF-9_normal.png
pbs.twimg.com/profile_images/1123205422821904385/ Frame 49E5 5 KB
6 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1123205422821904385/xsNxEF-9_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

671e486efa39a64402ec2938afa69a71193a1d14c5e6e7a9ef01ad8aa77da405

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 173600
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 5607
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/6 profile_images/1123205422821904385
last-modified: Tue, 30 Apr 2019 12:38:15 GMT
server: ECS (frb/6772)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: af1a5bf0bfd022cf
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: b193b0e26a2a5f757bb229b72f80fb9f76d5cd335a4adfe8886450aa2a53b06d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KiaOrDcd
pbs.twimg.com/card_img/1576975988965130247/ Frame 49E5 3 KB
4 KB 16ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1576975988965130247/KiaOrDcd?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

e58fbe11ca244820ff2fd110f6f6b9dc63d1f7f74e1ba2c8be62a51b9116f602

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 2919
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=10
content-length: 3508
x-response-time: 123
surrogate-key: card_img card_img/bucket/2 card_img/1576975988965130247
last-modified: Mon, 03 Oct 2022 16:40:29 GMT
server: ECS (frb/67BD)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c436d908b446184e
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: c54e6f8105add028f42ab1a5ccb99b80de6ea06d5ee5a6dcc702cc15713943a8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zm5Q9Shr
pbs.twimg.com/card_img/1578158542586105858/ Frame 49E5 3 KB
4 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578158542586105858/zm5Q9Shr?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

21f3a3443185b805a442e216eaba111cb6fe28409bafbe3354c61a1593f4d2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 40849
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 3441
x-response-time: 125
surrogate-key: card_img card_img/bucket/8 card_img/1578158542586105858
last-modified: Thu, 06 Oct 2022 22:59:31 GMT
server: ECS (frb/669F)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 5e0766c5fbd54bce
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 49db99e0849c4685e2d2949f05be03511bda54c012522a18969a06d018ee0eac
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8z9FImcv_normal.png
pbs.twimg.com/profile_images/461964160838803457/ Frame 49E5 3 KB
3 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/461964160838803457/8z9FImcv_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

a10a03b40f3c6d028b8f80b1a92ad36d048828b7738cdd1a904379861f4ef4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 162861
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2643
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/9 profile_images/461964160838803457
last-modified: Thu, 01 May 2014 20:21:33 GMT
server: ECS (frb/6776)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 30c0d03c08ce410a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: eae1137c99fa2d675f01fe60098609be1c6c324033d37b041403c8a99565f5fe
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 oZwJ8_Ju
pbs.twimg.com/card_img/1578188290368438273/ Frame 49E5 3 KB
3 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578188290368438273/oZwJ8_Ju?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

5577de24d7fb693dfeca6e42aa111949c3827e82005a1d9ed89d7a88907f3128

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 48140
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 3007
x-response-time: 190
surrogate-key: card_img card_img/bucket/1 card_img/1578188290368438273
last-modified: Fri, 07 Oct 2022 00:57:44 GMT
server: ECS (frb/6776)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 83d41cb7777ce2f6
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 03f17083b756da6d02369bc64d0d9e8916c61ed721f6e08a1af234b337205b50
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5Of2ZEes_normal.jpg
pbs.twimg.com/profile_images/1100898670549991424/ Frame 49E5 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1100898670549991424/5Of2ZEes_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) /

Resource Hash

8c97b48c4c7e3a3a9c4bc73ebb6da8b2700e01aa0849fb8597b5929ef09363db

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 183791
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2111
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/3 profile_images/1100898670549991424
last-modified: Wed, 27 Feb 2019 23:19:11 GMT
server: ECS (frb/67BE)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c66f9998b9647288
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 19b35ca47cc908ec375151a00ba484273bd7f1e08d74e46afff9fa2eede8e999
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DzgCW5as
pbs.twimg.com/card_img/1578165737197391873/ Frame 49E5 4 KB
4 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578165737197391873/DzgCW5as?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

550321e54f6fac36081e812b61f701ce49b349d66c37b5ec61875ee44bef6eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 44500
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3690
x-response-time: 129
surrogate-key: card_img card_img/bucket/0 card_img/1578165737197391873
last-modified: Thu, 06 Oct 2022 23:28:07 GMT
server: ECS (frb/6713)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2729f7e7713ef60b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 860763e9c0d900ee5d98bbcc6e4506865bec6791f3f5ceab847f611ba8c1b9b6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 OA1zZyy2
pbs.twimg.com/card_img/1578071390296629255/ Frame 49E5 4 KB
4 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578071390296629255/OA1zZyy2?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

407a6c2e969ff85be6bef89b28282198fd0b41b0e153f6fc0b9da611dd240541

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 63210
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 3746
x-response-time: 126
surrogate-key: card_img card_img/bucket/9 card_img/1578071390296629255
last-modified: Thu, 06 Oct 2022 17:13:13 GMT
server: ECS (frb/67C0)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 306eb5da1b668dd3
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: a3b8a55c8ddb69ebc9284e3ca071863d433d6410388916b3843bcc1ac5f8415f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0ChPyj3E_normal.jpg
pbs.twimg.com/profile_images/1468699494371975170/ Frame 49E5 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1468699494371975170/0ChPyj3E_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

6531ce03f6b92e2a1134ef980fab0b93b3b910cd141625a77f8096759e600ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 431654
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2187
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/8 profile_images/1468699494371975170
last-modified: Wed, 08 Dec 2021 21:48:21 GMT
server: ECS (frb/6723)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3f6cce1225de92fa
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 6dfcedd0c263e02526544785427da0e4909aafd5dce476d8337ab10e8c8d92c5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 di8FZbP-
pbs.twimg.com/card_img/1578104332582637568/ Frame 49E5 4 KB
4 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578104332582637568/di8FZbP-?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

c49756a1eeed446d241669b83be916701ba9e95e38a8619f81ba0c943f283816

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 66594
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3790
x-response-time: 122
surrogate-key: card_img card_img/bucket/0 card_img/1578104332582637568
last-modified: Thu, 06 Oct 2022 19:24:07 GMT
server: ECS (frb/67E2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 84d045fae23a4713
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: e5e6f99336fc20f261b8c77eec6a448853e11ae4ee80d30deac69b2c99a94ad2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xtaLabwy
pbs.twimg.com/card_img/1577977013700366337/ Frame 49E5 4 KB
4 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577977013700366337/xtaLabwy?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

dee64be60698d1a09706489941cb027965afec4a69c89884bb06cb8ef2493d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 69984
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 4082
x-response-time: 130
surrogate-key: card_img card_img/bucket/4 card_img/1577977013700366337
last-modified: Thu, 06 Oct 2022 10:58:12 GMT
server: ECS (frb/6711)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c292905c63068a5b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: f3a3f77a600445af617cf9e565a2ce27f14a92f5223f6e2082552600c77c8a3b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 hSnX5c15_normal.jpg
pbs.twimg.com/profile_images/642160042129489920/ Frame 49E5 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/642160042129489920/hSnX5c15_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

5dd3bdfd1d23b20289a3068471824962dbed3b7f2a41cf671a616a47a20cfbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 90312
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1731
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/9 profile_images/642160042129489920
last-modified: Fri, 11 Sep 2015 02:15:39 GMT
server: ECS (frb/6772)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 79b2aab94d637492
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 3d8c86808b8d13f3f398f789c5fa90036ae7cdcf79e33643e18ce76517268f76
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FeY009nWYAETC5H
pbs.twimg.com/media/ Frame 49E5 4 KB
4 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FeY009nWYAETC5H?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

ef0b88b1d0143ce53bd317eb83b23a6b2f454af0d5c0cf2e355e629d252e394f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 77816
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3904
x-response-time: 147
surrogate-key: media media/bucket/4 media/1578006803937386497
last-modified: Thu, 06 Oct 2022 12:56:34 GMT
server: ECS (frb/6763)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1ef966f52b34d4dc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: f4cd9c2fd7c484dd72cc0e7f11a1edf61df066d611445bccea30c58f900bcd7d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jEme_O2d
pbs.twimg.com/card_img/1578055004476284932/ Frame 49E5 3 KB
4 KB 11ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1578055004476284932/jEme_O2d?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

8b28131114b387a9dcad032c16a679f43a5edb682912372ae818876039666809

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 77816
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3552
x-response-time: 138
surrogate-key: card_img card_img/bucket/2 card_img/1578055004476284932
last-modified: Thu, 06 Oct 2022 16:08:06 GMT
server: ECS (frb/675D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 667cb96bd3f9873c
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: e98d34052b26c450a8d8ef800d2bea01810b84eef5736a215f18a6c3bc2c6fe0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 f3oAEhOe
pbs.twimg.com/card_img/1577999972007645188/ Frame 49E5 4 KB
4 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577999972007645188/f3oAEhOe?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

7ec68e1dd57de2a962facc4ec3cf59d12f8f90a57d4e326e2ddb0e3fc93bc7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 91592
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3620
x-response-time: 124
surrogate-key: card_img card_img/bucket/6 card_img/1577999972007645188
last-modified: Thu, 06 Oct 2022 12:29:25 GMT
server: ECS (frb/6760)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c0f3fd1e25b80176
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 5bbeb84ae9f183e8df256e9161c41091e77b4677bcb2d383ef7f0e4565ef4ffa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 hHn0fvSU
pbs.twimg.com/card_img/1576793779192864768/ Frame 49E5 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1576793779192864768/hHn0fvSU?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

3d8e54c7594e4f347e8456c46381271a318851df071db399c713d3caca37ee1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 130369
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2142
x-response-time: 128
surrogate-key: card_img card_img/bucket/0 card_img/1576793779192864768
last-modified: Mon, 03 Oct 2022 04:36:27 GMT
server: ECS (frb/67D5)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1ee9b034e74d7ef3
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 0abefe7dd3b3055d9e3482b3fc608d4511ff4a4d907256a9a3f4f34f6c65ece8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 h0jjAeXJ
pbs.twimg.com/card_img/1577799565251690496/ Frame 49E5 3 KB
4 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577799565251690496/h0jjAeXJ?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

2a05a76b115be98ffd7cedc63647978ae0973a22e67ac802b0b5cb1fc1d63ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 139609
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 3362
x-response-time: 122
surrogate-key: card_img card_img/bucket/5 card_img/1577799565251690496
last-modified: Wed, 05 Oct 2022 23:13:05 GMT
server: ECS (frb/6713)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 621c1a9d8c9bd615
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 8ff0227e1e4c14001347ebe07ec5e0494600912394e426e220e10fec2397257d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 61rzhtoc
pbs.twimg.com/card_img/1577792021439340546/ Frame 49E5 3 KB
3 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577792021439340546/61rzhtoc?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

07da67d15d2b7557ebf6803f3cc6478fbd71de02bd67e433c1eac50c369d657a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 139609
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3289
x-response-time: 126
surrogate-key: card_img card_img/bucket/3 card_img/1577792021439340546
last-modified: Wed, 05 Oct 2022 22:43:06 GMT
server: ECS (frb/6711)
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c10b35b36a66d874
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 073aec3b3d761e833f8adb8c49587b202c2b6c6a31a686dfe96eff2e9602852a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 b0T1_7XH_normal.jpg
pbs.twimg.com/profile_images/1247581477493256196/ Frame 49E5 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1247581477493256196/b0T1_7XH_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

b82ecc5f1dc12f4c85872a04ae5530c376c11956fd0c150eb706de3a43e2d3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 340160
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1731
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/9 profile_images/1247581477493256196
last-modified: Tue, 07 Apr 2020 17:44:17 GMT
server: ECS (frb/6723)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 5a7dacca43c6f534
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: bcd811833ae8ed7c59e7318c6e146e9498839215d6bdf3d5baac0947193d93c5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5jDf2qug
pbs.twimg.com/card_img/1577134933121933315/ Frame 49E5 4 KB
4 KB 17ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577134933121933315/5jDf2qug?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

127581adfaa72cfeebb31ba6b25479f8e6e6e6d26532c72a4c6f1689e2a8f5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 144854
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3656
x-response-time: 134
surrogate-key: card_img card_img/bucket/3 card_img/1577134933121933315
last-modified: Tue, 04 Oct 2022 03:12:04 GMT
server: ECS (frb/67E2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: a660e5688c2a07bf
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 7d8491f62892c387a598c8891e82db4bfe8b103412ce46f7e2b856cf436181c4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GBypd47j
pbs.twimg.com/card_img/1577767611152191488/ Frame 49E5 3 KB
3 KB 16ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1577767611152191488/GBypd47j?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

912a3be3161c6d40caa18eb8bf9bbcab40f1fce6c96e3123627f934a64ee8102

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 147251
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2697
x-response-time: 136
surrogate-key: card_img card_img/bucket/1 card_img/1577767611152191488
last-modified: Wed, 05 Oct 2022 21:06:06 GMT
server: ECS (frb/6793)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 37d0db0e982faa1a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: eb92fbfd288057f5425ae2a804d54142e56ba5ae73a12079e5731d126a5329b1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 X1DWXVof_mini.jpg
pbs.twimg.com/profile_images/636307644291133440/ Frame 49E5 1 KB
1 KB 18ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/636307644291133440/X1DWXVof_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

3fc515eef347b99412527b380764dcf7ec7b8071d9b68d3dcf27934145b7fa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 334176
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1241
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/0 profile_images/636307644291133440
last-modified: Tue, 25 Aug 2015 22:40:19 GMT
server: ECS (frb/6727)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: dc41cbc07eb46525
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 460ba014f5142b66fd3692d944c6291f7ff7cb5169813d555aefc292b7c6c95f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5B8 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbJANFlLR2CmkI7Lwyw1UNecydp056y6ELav2N-47TZGLm8cPwmegAq6qPQohZroptTWy-ooK2XDaPSV-a--3qzZ7aodWWfOWl6A2kFuAe0ZjGngMsM4CNOFRDli4J112V03_-UP2r5GoTrGI4droMycwygPRzZoptujan119W5391gO-dzj8wrdL2fbjs0EaEQPhOS8JMrliaVa52Y1HKK4Dwn30iIJ8pe4iZs9KPCfb7cbyUtfwYB_JKfOz1GfW9G6apIlOWVylPXNXJ6XFhP6lXKWqnmTGl_n9oJO4oTsodGoo4wOBWzqXxqL2UY8JJTIyAfPCC4dM4a4Cc8AM4LZ46VHY6hyGF5KyV7VgS&sai=AMfl-YRMjHyVIhLRZj45_-ZWge6gReuRNmsQAXC3VTrHejxmSDdzLzl9qk9-P-OxPlVcUM5XgnuJs59958eP0HgfSgSXWHivbtqwM5ybFW7XKf_5FBhW2yj9vB1hiRIRUELVzfO0&sig=Cg0ArKJSzAEUeOPzNDX7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 14:24:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78BA 42 B
64 B 154ms
74ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss39PDUbHhM_RQd_dHpDgmfzHFVCMH-AAjGZjfpJ7BOnSSvlGAuC-0ifbgGYo-FWYTFimesTjRR4tfjJc91gwW7nQSTiQhhTkubJ3gSnO2dLGOQppKY&sig=Cg0ArKJSzMt_2gauExPSEAE&id=lidar2&mcvt=1099&p=342,436,432,1164&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20221005&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2217893518&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665152676812&rpt=353&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 091E 42 B
64 B 138ms
75ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaTvXB2nCWhJIFtn5yMLSDkh6GtU7i2vo_lv8_KliwF3WJ00S974h4GYZl1LYJPdEjdaf7ttobUYQO-CG9-4rwElmFiDrfgGs1cKnEuj5Y0YgA_Xd5&sig=Cg0ArKJSzK64yLWhDUbqEAE&id=lidar2&mcvt=1053&p=97,832,217,972&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20221005&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3075153396&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665152676785&rpt=444&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C79 42 B
64 B 132ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlot0RfezDpUXDt_IILCY_OBTm7lRg23PaknHGJZmAfPjOS7AyEwM76J7yWetJBUTy1929GwHdWj11H7jxUZopgaNESU7xVKu_935TBvfhM2kN9n9k&sig=Cg0ArKJSzIYeo4LbGY_DEAE&id=lidar2&mcvt=1056&p=1110,436,1200,1164&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20221005&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=42920074&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665152676829&rpt=356&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C443 42 B
64 B 130ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXnT6nxAb8ArPvn45xqirEvNKpY3opkRiCsrecxtZf3iWF7xomwWSJLVczYkf9-VHYsfBZ1Hj8rV6RMfQwLCNiIIrPBk_KECefPu52azEUM925T4vX&sig=Cg0ArKJSzPDqTZ5mMTxhEAE&id=lidar2&mcvt=1058&p=161,1202,212,1347&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20221005&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=190974657&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665152676799&rpt=406&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/ Frame 3146
Redirect Chain

https://bcp.crwdcntrl.net/5/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr

163 B
403 B

44ms
44ms

Document
text/html

34.247.1.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/16029/cc.js?ns=_cc16029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.1.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Fri, 07 Oct 2022 14:24:39 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.20.81

Redirect headers

cache-control: no-cache
content-length: 0
date: Fri, 07 Oct 2022 14:24:39 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=965464567/pv=y/rb=%7B%22meta_tag%22%3A%22the%20herald-dispatch%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.1.225

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07ccde820c48efdd94875423fc7759017f8e8ab0c0a00e99436daaa7157fa68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11230
x-xss-protection: 0

GET
H2 200 1f60a.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 49E5 1 KB
640 B 7ms
7ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f60a.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:39 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 576
x-served-by: cache-fty21381-FTY, cache-hhn4057-HHN
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
etag: "b3W1jrdG0IwsGEUVc4dikg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 15 Jul 2022 07:51:19 GMT

GET
H2 200 1f5f3.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 49E5 1 KB
541 B 9ms
9ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f5f3.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a2775487813a34df116db062e7c42e41c98d0cd1f275738cb5a5f805ba00e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 14:24:39 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 500
x-served-by: cache-fty21329-FTY, cache-hhn4057-HHN
last-modified: Fri, 13 Sep 2019 20:59:41 GMT
etag: "/4WhquUK1IUG4ydWVnaOiQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 05 Apr 2023 06:50:01 GMT

GET
H2 200 FeY009nWYAETC5H
pbs.twimg.com/media/ Frame 49E5 4 KB
4 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FeY009nWYAETC5H?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

ef0b88b1d0143ce53bd317eb83b23a6b2f454af0d5c0cf2e355e629d252e394f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:39 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 77817
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3904
x-response-time: 147
surrogate-key: media media/bucket/4 media/1578006803937386497
last-modified: Thu, 06 Oct 2022 12:56:34 GMT
server: ECS (frb/6763)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1ef966f52b34d4dc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: f4cd9c2fd7c484dd72cc0e7f11a1edf61df066d611445bccea30c58f900bcd7d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 X1DWXVof_mini.jpg
pbs.twimg.com/profile_images/636307644291133440/ Frame 49E5 1 KB
1 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/636307644291133440/X1DWXVof_mini.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

3fc515eef347b99412527b380764dcf7ec7b8071d9b68d3dcf27934145b7fa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:39 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 334177
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1241
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/0 profile_images/636307644291133440
last-modified: Tue, 25 Aug 2015 22:40:19 GMT
server: ECS (frb/6727)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: dc41cbc07eb46525
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 460ba014f5142b66fd3692d944c6291f7ff7cb5169813d555aefc292b7c6c95f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 14:24:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5B8 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9ZkqiIcJMLWYk3QjvgN__onLlCXN6wqAD4UdcuZYvppVcPcccMASVaIytZjKF_sEOZyhaVfGRSvaLZnBFT2N78Vs4c782mlsCcWKOKyRvQ98AZ8CV&sig=Cg0ArKJSzM-3RYfILp_VEAE&id=lidar2&mcvt=1259&p=535,1050,785,1350&mtos=1259,1259,1259,1259,1259&tos=1259,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2885611068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665152676826&rpt=1398&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 14:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED51 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 14:03:20 GMT
expires: Sat, 07 Oct 2023 14:03:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86F6 783 B
535 B 52ms
51ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c87f48bb3415ce4310c3921ae4e04e2d0b639e010c854fb355052d4f41b64eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U5GWP2halTJ9IESvi3rG9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herald-dispatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-U5GWP2halTJ9IESvi3rG9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 14:24:39 GMT
expires: Fri, 07 Oct 2022 14:24:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame ED51 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 14:02:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 86F6 0
0 73ms
72ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=843843567629664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED51 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2pKgRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=843843567629664&bg=!xMelx4PNAAYQgTJdMIE7ACkAdvg8Wja4IYSMqfd5BiUgLu8F0YDFY_lvuejBFMJl1KjOhVLsOq-x1gIAAABMUgAAAAJoAQeZAvaYJd_jd0MQhv-jwzXSM5kblv2p2qKjrJeWq5iYkLSiEgK7tSYC7yaqpoPmRArs3lYPtKUoJea66ixva-P_xrpBL6qK3GdRU4T0B1dd-7478soH_UEepA8YmqxJoBJCUTyEdlyX0xSdOvnzxlX_3Ou13v9LTSeevn35DpP4Ats3IiCkshNd7GNKbLQEhIlY5EO7L9H3DPtX-y3vL5FoOPQ5vX30oU_nVPLsZvQyGofccxTWCKRlm0PLlraFzWETwDxSPtvsZPfpMxsVhWSsnZGbtqqycPnBR3MqSR3WX4tlNp84glfhH6gnYWY3RAKR46vcREZeI59pd0jJtuiyxQ3ZckoOIh_ioe6Zzfd0UmKZFXmuV84Da5J4cHOh8JFg9zJ1LL5aPfdblphRipeJUPDhFom0keDUum4BFPoH-UNqVc2588b5CzkkFMWo1Yscs6dVBNpFZUs-A_MeQ97WPaS5dz1iqXNHVPJuKRe_a8KZB-CChMUwGXeL9k9l-C2-uCRn6d5zGtOk2xqbdUz7MUjtuwXbZJDOx7HSS1Q9l_hG1cGALPnM8K-yKSkZIejLqgryQz9WA17oTY_jZhv6U8a7t9g6kMq5Bge4dOY_HvK7hMyY7frPNsAxXHYwdlal8Pgm5uVsxry1MddxDoIIzhqGRmEhSXocZMVwALQYKwmHsHjmmE_4SnF1x9K-ubwm_ah-PFEoUwxuj7gFYrPY98bEwEfDFRbeGDctm9tutBbsQ2lZ68R-F88sepvvzBL0PrNIOkK6f4k2G9jqR275MK6mgjv_OX9_UniRh4F4TXh2NDhYy4_YJnFTQ2ZOpP6lyLv5jBU6e1xWAANL1bClmDG_kmyijm69h3z048gQ8PfWQpQszr1EE8BKBpSZYvPo97jXXg41vIzAd47J3reHzsG5nSPI5HtOI2t-vLIwn_UI-sYU_oSxejWXb0C8zeRtFVkSVJgO4NI-N8Cm7CGtLMWKJzGW7ZJDZIBqSVzMb7jxuy2LuVwp9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 103ms
102ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:43 GMT
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 102ms
102ms Preflight 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://wvcarfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:43 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 481 B
597 B 184ms
183ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: 2661bd9f81f1cbfad6bfa78d9988404503df75b14ade81b0d552f5f1f4617cd0

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:43 GMT
content-length: 481
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame B88C 459 B
575 B 172ms
171ms XHR
application/json 54.92.238.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: wvcarfinder.com
URL: https://wvcarfinder.com/event/barkerweb-607.js?cu=&group=iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.238.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-238-99.compute-1.amazonaws.com
Software: /
Resource Hash: 6260d214f69a2d7e84a23ddfb9c9f510a1dcd34dc440bc876fec4b2d3fb5b3e7

Request headers

Referer: https://wvcarfinder.com/
accept-language: de-DE,de;q=0.9
x-cat: dealers
x-tenant: ua-125407218-27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 14:24:43 GMT
content-length: 459
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 img.8223863.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/ Frame B88C 19 KB
19 KB 8ms
8ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/img.8223863.jpg
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 599ca10e6383cbb88ef78198c3f06554e4311fab2c6c64ffd7aa574f28333faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:38 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 19 Oct 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Sun, 18 Sep 2022 22:38:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 6
etag: "ec9c565a0a5bb4f438a9710a8d2b4948"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 19434
x-amz-cf-id: FRd6MtauXlZUsa3nOQF6-VsRK-WhNTXCybp2-lpTkYP3udoBXLMKRQ==

GET
H2 200 img.5153544.jpg
cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/ Frame B88C 36 KB
36 KB 111ms
111ms Image
image/jpeg 108.138.17.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cars-static.wehaacdn.com/autoevents-aws-wehaa-net/web/images/img.5153544.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ec419b43bbf37da4a5260b7385b1fbbf1b34f8b8b9f9383bb00c8c0cd79030e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wvcarfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:44 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 16 Oct 2022 00:00:00 GMT", rule-id="keep-30-days"
last-modified: Thu, 15 Sep 2022 02:47:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "941f416120ae7e2130689e7a1b4b9984"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 36370
x-amz-cf-id: L76hO6aswgN3aQRh31cJynvCKED9HaYYWLm-QJdBp5mwq3i0jZjyEw==

GET
H2 200 6321349cae7ee.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/b/d5/bd5852ad-3cdd-5109-836c-4bf0fb207cfb/ 24 KB
24 KB 27ms
27ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/b/d5/bd5852ad-3cdd-5109-836c-4bf0fb207cfb/6321349cae7ee.image.jpg?resize=540%2C360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b00bd5655fae5811587a02c33312e8dae0b380ded00ee91bd399fa6eab87146

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:24:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 45961
cf-polished: qual=85, origFmt=jpeg, origSize=28650
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6321349cae7ee.webp"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Sep 2022 01:55:41 GMT
server: cloudflare
x-vcache: MISS
etag: "c95090442473b5731716c691cb3671cc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 75674d52a8ddbb71-FRA
expires: Sat, 07 Oct 2023 00:01:11 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
herald-dispatch.com/	1970-01-20 16:08:32	Name: TNNoMobile Value: 1
.herald-dispatch.com/	1970-01-20 16:01:20	Name: _cb Value: DVHjFfBURNXaEDIyU
.herald-dispatch.com/	1970-01-20 16:01:20	Name: _chartbeat2 Value: .1665152676044.1665152676044.1.BVmqJXBR4-MeCtjULCB0e9q_DRfl1V.1
.herald-dispatch.com/	1970-01-20 06:32:34	Name: _cb_svref Value: null
.linkedin.com/	1970-01-20 07:15:44	Name: UserMatchHistory Value: AQLXkiTDCxZYnQAAAYOy1XDsqGpm5hVe3jUqmAnHzpmDEgtQXWbcNwVkQsL0W9lTSqmLJbqj8lIclQ
.linkedin.com/	1970-01-20 07:15:44	Name: AnalyticsSyncHistory Value: AQKRuAoo1Sqf_gAAAYOy1XDtcA5nA9wZr24FEhf2swpcJOVKSE7_mm28flGvKVz7-iQ2o-oeeaYeP1ZaGYu7Qw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:18:08	Name: bcookie Value: "v=2&268aa48c-3665-4cdb-86d9-9704a3f953fc"
.linkedin.com/	1970-01-20 06:33:59	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2771:u=1:x=1:i=1665152676:t=1665239076:v=2:sig=AQGFR2-_md8BSuyHYGSsQMjx1sZeFpfs"
www.herald-dispatch.com/	1970-01-20 16:08:32	Name: _ga Value: GA1.1.718849610.1665152676
www.herald-dispatch.com/	1970-01-20 06:33:59	Name: _gid Value: GA1.1.1992365645.1665152676
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:18:08	Name: bscookie Value: "v=1&20221007142436d6629485-82f6-4e2a-840b-26d388cc7825AQHYJHF4iG6QBPjbEXRSaoekFIJ_Avrp"
.linkedin.com/	1970-01-20 10:51:44	Name: li_gc Value: MTswOzE2NjUxNTI2NzY7MjswMjG3frua0Y9PuwoTjI3cE235FwFJ2fOX10a9ugb68Snagg==
.herald-dispatch.com/	1970-01-20 06:32:36	Name: AMP_TOKEN Value: %24NOT_FOUND
.herald-dispatch.com/	1970-01-20 16:08:32	Name: _ga Value: GA1.2.718849610.1665152676
.herald-dispatch.com/	1970-01-20 06:33:59	Name: _gid Value: GA1.2.1992365645.1665152676
.herald-dispatch.com/	1970-01-20 06:32:32	Name: _dc_gtm_UA-54716522-7 Value: 1
.herald-dispatch.com/	1970-01-20 06:32:32	Name: _gat_UA-2621936-1 Value: 1
.herald-dispatch.com/	1970-01-20 15:54:08	Name: __gads Value: ID=439d7ec7f4595e81-220b32973dce004a:T=1665152676:S=ALNI_MZpbudNdbiRXGqH_XLd3eK1sOCaVA
.doubleclick.net/	1970-01-20 15:54:08	Name: IDE Value: AHWqTUl76Ym_4-pdjpPrK7AUke8Bb_i8oXPJvpqbQoOmdezLnRXHiazkmOhNHMRLavE
g.adspeed.net/	1970-01-20 07:15:44	Name: impuniraw Value: 889807-1665239077
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.herald-dispatch.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166515267547316001200941036194751&tnms_dt=herald-dispatch.com&tnms_upage=1&tnms_do=www.herald-dispatch.com&tnms_uri=/&tnms_ref=&rt=1665152675481 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
abs-0.twimg.com
abs.twimg.com
adserver.paywallproject.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
analytics-prd.aws.wehaa.net
antifraudjs.friends2follow.com
apis.google.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
cars-static.wehaacdn.com
cdn.cityspark.com
cdn.connatix.com
cdn.id5-sync.com
cdn.segment.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
code.jquery.com
csp.azureedge.net
d987675077d43a6e15f515b94c56dc6f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
friends2follow-us.s3.amazonaws.com
g.adspeed.net
googleads.g.doubleclick.net
herald-dispatch.com
heralddispatch.friends2follow.com
id5-sync.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
p.cityspark.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
ping.chartbeat.net
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
scontent-iad3-1.xx.fbcdn.net
securepubads.g.doubleclick.net
snap.licdn.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tracking.friends2follow.com
twemoji.maxcdn.com
wvcarfinder.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.herald-dispatch.com
www.heralddispatch.com
www.linkedin.com
104.16.133.24
104.244.42.200
104.244.43.131
108.138.17.105
108.138.4.150
13.107.42.14
13.32.105.95
141.95.98.64
141.95.98.68
151.101.66.137
18.66.115.169
18.66.97.9
192.104.183.109
20.60.81.107
2001:41d0:701:1000::2fb3
2001:4860:4802:36::178
2001:4de0:ac18::1:a:1b
23.111.9.57
2600:9000:223c:f400:18:1fcd:351:7bc1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:266a
2606:4700:3031::ac43:bced
2606:4700::6811:190e
2620:1ec:22::14
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c08::9b
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:3500:16::215:149b
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.247.1.169
35.175.7.63
44.193.125.215
44.194.179.148
5.79.106.138
52.160.40.218
52.217.90.204
54.92.238.99
01b72c5a1f5ef80a22c8b1802b3496cda49796e77ae72125b9e5e9ecbd0eee44
055db483073be6887312fe46ebb4f63749e59bbb14096b98396cc8544240de62
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ccde820c48efdd94875423fc7759017f8e8ab0c0a00e99436daaa7157fa68a
07da67d15d2b7557ebf6803f3cc6478fbd71de02bd67e433c1eac50c369d657a
08ed2a989efb360915032b1cc11f0e66209db59f4eb7d7907bc281a031ed2441
092bf264427d9dab1217b59d6d83919776d732bd6ab2f5c58da0b2fecc4aaec0
09ea4eb875bcb4f100c4a6eeff44ef3ab4ef7f6970560f42a4a3e69459e9e3f1
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be265d6b4f56c3d40ec47e234043900942a76bc20dc72648c797bedfe7d4e61
0be45014aef8607a3529120ae6e8e58dc010ff02edfed411afe8d73395f9baf2
0c87f48bb3415ce4310c3921ae4e04e2d0b639e010c854fb355052d4f41b64eb
0ef39fb905169948ed56fd3413b5e74814755613c430281fd9197d747ddd86e8
10711b755c9a6641092bc38136dd7304c15eed5d68fe549fff987de7f677efed
10a7a0628a349694c1156941903e2b965e98f1056a4dfea35ec010d09259569b
11394b973a03416f8406ef9e56a68f33c9c2ddf5a48c84102ff82f0192fb02ab
118d1190b4f56760689165db9847f3435e14a8b6b5c69a24f2f3430a3538b41f
11cb8af2db77970e148ee8bc427e67d276e365343f1434dbc2efad1552e99811
127581adfaa72cfeebb31ba6b25479f8e6e6e6d26532c72a4c6f1689e2a8f5f6
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1ab0b6c27b1556041b306d4ecffd8675c1a08b38b5acec0a85ff75c2baeb8eeb
1d7387f3db398ba8c17df10332d3115130fe392079968a0ff728a0bd292d5ff3
1e260e89667ff4949eaaf84b8beff91ff1a1bb5cb56588adad7efabe9d59230d
1f7e0e0b3e4d94a9cc4e5e3c0859fa43e6c0cf585db9f2ac7bcd5c67a8435b6c
2194a07fbaeae561b641b07488f895154d98daf15b82dae39b5e2f95ba51da49
21f3a3443185b805a442e216eaba111cb6fe28409bafbe3354c61a1593f4d2a1
222155fa4a159adbe01edc14ea86baf893689aaa8255afe788ec00d2052b0595
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
256cc0e51b7c20b9daa6af159131dc19984170cfc26af37807f52c90eccf1c7e
2661bd9f81f1cbfad6bfa78d9988404503df75b14ade81b0d552f5f1f4617cd0
281e4ecb4799d51d9d4516a16c38659e1f654375cd2c1feed64263986a9cbd09
28ed0e436b66326d203d34c131b22c2808c9b7eec6f97f0e9fda441d7b33b129
2a05a76b115be98ffd7cedc63647978ae0973a22e67ac802b0b5cb1fc1d63ca2
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2c941fd5cd0422d20628c9f3f0c2a840a7104fe4be62c6f4a3803e97ca9c784d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e152c2b1dd70b469bc5260c71a464459cf70419f07bb470ecab3eba1132e2b1
2e5996c9d7e412cc74537086b0208baa1513eea21c576a8442832f621ec1e14f
2ec419b43bbf37da4a5260b7385b1fbbf1b34f8b8b9f9383bb00c8c0cd79030e
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
2f198451d4e8eedad66c3ca7ebe39b697b88afd26861cef5b2d2f6abdbcb78ca
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
36e29eb6ae0d8dab54e3231426b3b0ce3cfe8264caea1c864576ff912bb94535
38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c
393d7b8e91be729c7f4ff5c33dd5722758fb1d302f537ef6b7887a168f9dbdba
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3a150c237161cd43b61b31a2b1c10071a92d635e420f890ced97a3dedfc5cebc
3a2775487813a34df116db062e7c42e41c98d0cd1f275738cb5a5f805ba00e14
3c27f83815ee5e82d069d97beb8e40ce3add52e98311b54736ec1ecbf839a8fe
3c803f4059ef5f5cd2455693ccea17601a7e129024f40b9c5f99e7292d462667
3d8e54c7594e4f347e8456c46381271a318851df071db399c713d3caca37ee1b
3daf9de05d48dbbbb85059e72f970a2f11b49fe0622e2bf360b7a81106cc650c
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
3fc515eef347b99412527b380764dcf7ec7b8071d9b68d3dcf27934145b7fa82
407a6c2e969ff85be6bef89b28282198fd0b41b0e153f6fc0b9da611dd240541
43cd78e70bd0e0bf65c44a14b98484d01f877b5f83304de76ecbeaac136a7173
440a6dd31311ef10c10763ebf4580c89c23529eb17d37dc88cf5f58ed10f535f
44f8e596972e9454fd88d1e0c1692c4638b90c8af2926496c26a2b0d9680a858
45696787669ed47169bd459dcbf90d68021538543addb14563c32239249ed6b9
45b166507f459f64a69f2cad241f10c23bab59d1d189f4cf2b317b90c3323e6d
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
46db277207e35c59c276d4484cc079b8fc80d3d0db00a32b7a2875cf7ef177ab
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
4b00bd5655fae5811587a02c33312e8dae0b380ded00ee91bd399fa6eab87146
4ba3590e83d4ea197a7aa2e905f25ab081f363477ab25aaf969907a424109224
4dd72e76d7bc762bb706f915decabd68b3b2933ef34d99a73a219b0665f83fd6
4e76decd6cc56457739ebe733a209e3178161cdddae4acc3a10d502485434139
4f05f8266ff9aca5933fb3f21379435e99b76e704c772c828e5e129b09ad119c
4f13862249864ba7c4f981ee7224a2e749aa4de0c65a3718135dde081c575d14
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
53640ec13a448733648c21fe9ef813b76785a87ae811309cf09da8ffeb37f284
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
550321e54f6fac36081e812b61f701ce49b349d66c37b5ec61875ee44bef6eb9
5577de24d7fb693dfeca6e42aa111949c3827e82005a1d9ed89d7a88907f3128
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
599ca10e6383cbb88ef78198c3f06554e4311fab2c6c64ffd7aa574f28333faa
5d3a6046c5bd7ed05c2d929511a0a1b74774f083062876f2bce9333f76c86500
5dd3bdfd1d23b20289a3068471824962dbed3b7f2a41cf671a616a47a20cfbe2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6260d214f69a2d7e84a23ddfb9c9f510a1dcd34dc440bc876fec4b2d3fb5b3e7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6435a8a3ac4212dc8a787603bfd21b717cf0ff74ac929113819ba8392b1b04e8
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
648020d63cb5cdaf56ba54fcbc03fcab9edeaeba50c2fd630ef777fe715a6441
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
6531ce03f6b92e2a1134ef980fab0b93b3b910cd141625a77f8096759e600ddf
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
66f44ab59e0e9697da0257cacfe11d681ee522d918e6d7b385f965b65c89b4f8
671e486efa39a64402ec2938afa69a71193a1d14c5e6e7a9ef01ad8aa77da405
678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede
69436320fb0c5066602b4dca53fdabdbb0b3a858eddc808b1f899d0f39639f90
69c8057039c53f1813b1505b4b7621a1927dfd99eb31e0ead011dd64214346bb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7f5405e44d0dea73703263cedfb13d81aa8dc977ce7e37c48e7317a4aebe40
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6d5bfc9b31ba66a07163fedf9192da0282a1c13e550910a5c8b2957b657911df
6eea73ad51169099b27212976dc7467f9a3ecd99124b1bfa27312219547f519e
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
71667cd92eaf983e6b583c3295b21b538429e47c1afc524b585c6d3a2662b7bf
729bfb4c379646cb175d7c0f454ebe6c5876809cf8d380353c379a69cc55b505
742bf5df4748257a53fb9b64c862e0599ae2b4c3ea9bc2e227665de77f36a825
743c538563abf169a1e298a80e06cf976bb508c76d1a38969c5dceaef3348d7b
756da3fa643aa43adcf59a64ba55d5690dc9fdf4a49ce98ace8bc923e4a5e958
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
76347fa5a9acd1fcfce47b162ea30fc9e5f91d3a7092181a01c0695c71ebf66d
7650b0eb1e01c60b1467445a1964ae97d099c2dc6778f31472427f9e623c73f3
7810d7a6af36cef7a1b60ccf9f65305b300bd9e621375db8e963848929426e42
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
795a688d2b9a53441038a2c7a01ca9231230867506b942e5f725d669fc334889
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a0e0f51c7b9064dc77938cf562114bbf41fb9c189a5702d826bd83a2b4e13f3
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
7b09d740d2214a9ac8f6ae016291ce7ee88feb0adf10d788615032edae2a4929
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
7d998fb54196874a655aefd9dff360558af81c3f854b3f2af47660d990a5e3d5
7dff6b7dac08052ce77c747c6aa25b16d5466915f3d0c144b7b6ad9c517a8162
7e06297f17476bc38618e5256930aaef375660fa9f039ec74e1e48b64742ca1b
7e4b20212d98a2f01baec4f580070ed9fb9ce9504caf76767bf071e744ed5914
7ec68e1dd57de2a962facc4ec3cf59d12f8f90a57d4e326e2ddb0e3fc93bc7d9
7f93e8c9625c68c4ff7abbfc01514bd47fa3194608f0843f359a67a710980288
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8591b8ad3524d04da7007f9a721870cb596c4ebda1e7727815a7b43fee3cf954
85c8b9e92856fa6ac6a44d2c4d49e00a2048b1155822be7d0343a2d793225cdb
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87098c7c585192c6162ddf685b1948217cb601795b90c6cc4f6d208b9c654f3f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b28131114b387a9dcad032c16a679f43a5edb682912372ae818876039666809
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c97b48c4c7e3a3a9c4bc73ebb6da8b2700e01aa0849fb8597b5929ef09363db
8ddc33e5425c89844fb73f03bb54dc984337a9cbd686d582b85745dd9afe973f
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
912a3be3161c6d40caa18eb8bf9bbcab40f1fce6c96e3123627f934a64ee8102
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
950fcf7d4ecc0eefbae4ec9125d65f771d5e795377603239b4a7d93ec94987be
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9f4f9da9bb4594f1885e129c64daf45143c90a381c759ceacd3dc9d522788c98
9f948964d21a572179f5c66287338ad0cbea0d9c96f19ef74703affd5add3a6d
a10a03b40f3c6d028b8f80b1a92ad36d048828b7738cdd1a904379861f4ef4df
a339a0ba473de39e1703b823b8f38481e9cb5ae87ce52d851f5ca28a8c1f3ceb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52d5098faa624a10ad792202311ce9b83e93ee1ed1bcb17c7edd61ea05b7294
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7da6af348249ecfba8404327ca37bae257aea1401e5563f4ea5bf7779824882
a7f1cbd06cc15a985912b51fc00385e901908c6dc85cc2622bab2430f366d847
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
aa025e4f1f2dcce20eb01854d59b38f6bc0c388d07633623d089ef47ec91be52
ab3b99d91926220f54ff0e9b80a3c052b646fd969f5ee679cf49bf45ddcffbed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adddf67e951bdd862698d47b291241fe2c63ab0831647afb27d20eb7cc0eaa29
b071a8b86088c7b4356afc6adf4c479b9043b17814cb7e21fc9fc3fac7b61dc1
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b46b33c3e5937f84a5aa5fe2abdf71b117ad979b98e8e98d1cf56ecc09e4a8bf
b4eb58b8b86ff36cf7a218336e60171b2bba0c2a3285a47bdbf7a248f58dc9d5
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b7cc0f4e39d9f408a49d78af9ef8423e920134f0c2aafff5751360b47bd3239d
b82ecc5f1dc12f4c85872a04ae5530c376c11956fd0c150eb706de3a43e2d3c8
b8c03f0d6246966385c7e6c0bfc7e08677e200d80b6a0fd0d2e11d432dd74a40
b8d8f430447d8917f09bca2506e7f26ea5fe84eba119f3891fd63d7a1fbfc93f
b8d95dde9afb60ca105959320eca5e5fbba99d8b1324bdd44b0602a39757064e
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb9a67c0bd8a184cc47b0a4acc667278e2f666c9b89d319dfd8d5f1931bf4375
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e
bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72
c0c8cb9221366d28fcb6c25a0774f835e9aecfd31fb501f7a4fbb55db246fc22
c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca
c1b80b86e839505fd0918d24a8a29f699b59214a2f87a35ea281380fa3c14788
c49756a1eeed446d241669b83be916701ba9e95e38a8619f81ba0c943f283816
c514d348374995cb497c3c74dfe564beb6af0a288ab0a55a83019fc85d14dc29
c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05
c7fdd6273931c0d28ac4f408232d6e48505fda7190258adde037916a1ea43190
c8f46e981d4f0febbe91cb719df936cf7c37bf51dcbb6a0c56477e6fb1a7ac48
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
c98f28b7089f709fc35e5f39e0f729a29c8b342b8addf5e9fbfdc5726fed14eb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1c1e850ca179e3a8af3b32597ef430c778ecc25ee1ad81998e7d6cd0b13a62
cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070
cdee5d1f278c710038004e10db6cab1179b7fa2a89cdebedea39c969ffe39e02
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ed30851cf1f84b900e4f1fb2d9616c940ca29ea9779616a09b1270b65f0544
d11c568b3c68fa7093b315043674672e0400cb76973eab9162517b27c877713d
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d3b0dcb9037334071e7e418d2b3a130bb23b1564ccdca566436fdc40fb2aeb38
d447a9c01e75fa1dfe27c29dfae520fb0be73775ed6eda7a2d13bf1e175ed627
d457e683ab53d5ac997126f5211b5b1a28097fcd855bc6c45d20b51c867f69ca
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d86f6f1dcb959cf9f8bff351c3a90a50d97fb037664b48e7228cabdd70bf32cc
dd714a1cd28004a00a07853ff46c04b21e1912c766992670b3bee9bc55cf7f64
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
de982c092a4718616dc90f1c33836676cf98479a5208980eabbb5c0449f80c3d
dee64be60698d1a09706489941cb027965afec4a69c89884bb06cb8ef2493d10
df0d77bff49f6ce8fcedd36c2bac801d98c148546ba6faaaaa25302a7f862faf
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93
e2015cd1d8c00dc3b6a1925c7e516916f87bc5220451ef6c84d2f777403f485b
e2226bb923563d3d7508085496671e90443211a38c8b82ff865bf74e35c245b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee
e3c2cae4b455b162046b69983dd9ef385a8b6ba93d88356153c74e16b271e890
e58fbe11ca244820ff2fd110f6f6b9dc63d1f7f74e1ba2c8be62a51b9116f602
e7079bd00295a43f5fcf94fc87d3a28e3656207c61672aa6154c2897f09f275b
e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ecc563475d38c049fd6df5530379c5a04027e71cb23c48918733584f1cd3a78b
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef0b88b1d0143ce53bd317eb83b23a6b2f454af0d5c0cf2e355e629d252e394f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6077bddf0feb21daa84ecf83fa6dfa41c40f2a4ec5472d396c6f3bcfd97730
f2ead6518019c8006851cafa7890a6b17a2b3fad47cb7010deecdae69eaeebd2
f43581454cc4d007baf49f3103c8b754302a7ce5a097f1ef6648a7d1fab3d73e
f59129e6871b99bd502df0cc620a0c96e79c84c082b33beb4db5e3119ddd721d
f6cd4ac8d4ffaa5a4fd82befb072cca2943bb6e27a832cf68713cfce32c38f4b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f870a62996e703f7e9ca99bcbdf5f18b9383f85be71dcb5cd7b4a979a9fceb8b
f8cef293d0a98fe45e2c252f26f1225799ed75c37e7746e99bdeaf6739ca4b9f
fb9b7a493299b8df900abcf0b279c9a3bd9eb19a36382306d0ed3ca96533d06f
fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd
ff5b4c5c3af5d16072ae13c7340df4b287600a90174c77e147041c0fac31ba44

www.herald-dispatch.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

301 Requests

99 %HTTPS

58 %IPv6

40 Domains

61 Subdomains

55 IPs

7 Countries

6441 kBTransfer

13939 kBSize

23 Cookies

66 Outgoing links

Page URL History

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herald-dispatch.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

99 %
HTTPS

58 %
IPv6

40
Domains

61
Subdomains

55
IPs

7
Countries

6441 kB
Transfer

13939 kB
Size

23
Cookies

301 HTTP transactions
24 data transactions