gilaherald.com Open in urlscan Pro
192.124.249.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Submission: On May 25 via api (May 25th 2024, 11:04:03 pm UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 59 HTTP transactions. The main IP is 192.124.249.165, located in Homewood, United States and belongs to SUCURI-SEC, US. The main domain is gilaherald.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 9th 2023. Valid for: a year.

This is the only time gilaherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	192.124.249.165 192.124.249.165	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
59	9

42 192.124.249.165 (Homewood, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10165.sucuri.net

gilaherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	gilaherald.com gilaherald.com	2 MB
5	gstatic.com fonts.gstatic.com	260 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646	123 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	241 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	146 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	6 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	253 B
59	7

	Domain	Requested by
42	gilaherald.com	gilaherald.com
5	fonts.gstatic.com	gilaherald.com fonts.googleapis.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	gilaherald.com pagead2.googlesyndication.com
2	www.googletagmanager.com	gilaherald.com
1	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
59	7

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
eac.edu
www.optimalhealthsystems.com
www.caldwellfuneralchapel.com
www.gilahealth.com
paloverdehealthservices.com
jd3fitness.com
wordpress.org
themezhut.com

Subject Issuer	Validity	Valid
gilaherald.com Go Daddy Secure Certificate Authority - G2	`2023-12-09` - `2024-12-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Frame ID: B1C3C544749F8D79731A5B42ECF00128
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VanScoyk brothers sentenced in Aston Homes PPP fraud - The Gila Herald

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

98 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

9
IPs

2
Countries

2541 kB
Transfer

4468 kB
Size

3
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/LawOfficeOfRebeccaRJohnson/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=VanScoyk%20brothers%20sentenced%20in%20Aston%20Homes%20PPP%20fraud&url=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F&media=https://gilaherald.com/wp-content/uploads/2019/04/Evo-A.-Deconcini-courthouse.jpg&description=VanScoyk%20brothers%20sentenced%20in%20Aston%20Homes%20PPP%20fraud
Title: Pin It

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F&title=VanScoyk%20brothers%20sentenced%20in%20Aston%20Homes%20PPP%20fraud
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=VanScoyk+brothers+sentenced+in+Aston+Homes+PPP+fraud&url=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F&via=gilaheraldjon
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://eac.edu/

Search URL Search Domain Scan URL

URL: https://www.optimalhealthsystems.com/optimal-fruit-and-veggie-plus#code=OHSDOUG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SaffordStone

Search URL Search Domain Scan URL

URL: https://www.caldwellfuneralchapel.com/

Search URL Search Domain Scan URL

URL: https://www.gilahealth.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Town.Pima

Search URL Search Domain Scan URL

URL: https://paloverdehealthservices.com/

Search URL Search Domain Scan URL

URL: https://jd3fitness.com/

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://themezhut.com/themes/hitmag-pro/
Title: ThemezHut

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/ 163 KB
44 KB 1391ms
1298ms Document
text/html 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

9d0368a3e000707e5773894dfdbadc2c83bc1ee27069859a8537d9809a64ccd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-length: 44865
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sat, 25 May 2024 23:03:56 GMT
link: <https://gilaherald.com/wp-json/>; rel="https://api.w.org/", <https://gilaherald.com/wp-json/wp/v2/posts/32226>; rel="alternate"; type="application/json", <https://gilaherald.com/?p=32226>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 15015
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
gilaherald.com/wp-includes/css/dist/block-library/ 111 KB
14 KB 51ms
48ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 13902
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "9a0078-1bae5-615222d5a3337-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
gilaherald.com/wp-includes/css/ 58 KB
35 KB 52ms
49ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/css/dashicons.min.css?ver=6.5.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 35109
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
etag: "9826d9-e688-5bca85cdbf580-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
gilaherald.com/wp-content/plugins/social-warfare/assets/css/ 96 KB
11 KB 80ms
77ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.4.6.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 10500
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Apr 2024 12:13:23 GMT
server: nginx
etag: "9c00cb-1806f-61594bb68937d-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
gilaherald.com/wp-content/themes/hitmag-pro/css/ 100 KB
22 KB 80ms
77ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/css/all.min.css?ver=6.5.1

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

2c051374591f7c373d512e10ab5538d9fdd17efeb861d7756933ad5b73ccab9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 21967
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9810af-190b5-6190ea4871638-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
gilaherald.com/wp-content/themes/hitmag-pro/ 82 KB
15 KB 80ms
77ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/style.css?ver=1.4.4

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

1ec9452871829836b523832aa7bb082984eda0b8e64fc7ba7dcd66602daf2e58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 14850
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9810aa-146b0-6190ea4871250-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
gilaherald.com/wp-content/themes/hitmag-pro/css/ 7 KB
2 KB 80ms
77ms Stylesheet
text/css 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/css/magnific-popup.css?ver=6.5.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 1660
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9810b9-1b27-6190ea4871e08-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 timeme.min.js Show response
gilaherald.com/wp-content/plugins/burst-statistics/helpers/timeme/ 6 KB
2 KB 60ms
54ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.6.1

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 1835
x-xss-protection: 1; mode=block
last-modified: Fri, 03 May 2024 12:35:52 GMT
server: nginx
etag: "9a0f37-1930-6178bf5d06a66-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
gilaherald.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 81ms
78ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 2323
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: nginx
etag: "a60eb5-1feb-5f287f2e2a640-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 regenerator-runtime.min.js Show response
gilaherald.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 81ms
78ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 2409
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 16:10:07 GMT
server: nginx
etag: "a60ea1-19e1-609a6522a56a5-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
gilaherald.com/wp-includes/js/dist/vendor/ 38 KB
14 KB 81ms
78ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 13522
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a60eab-96be-615222d5afe57-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
gilaherald.com/wp-includes/js/dist/ 4 KB
2 KB 81ms
79ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 1461
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a60eea-10d3-615222d5bc1a8-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n.min.js Show response
gilaherald.com/wp-includes/js/dist/ 9 KB
4 KB 91ms
89ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 3540
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a60ef3-23b5-615222d5b15c8-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 url.min.js Show response
gilaherald.com/wp-includes/js/dist/ 8 KB
4 KB 92ms
90ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/url.min.js?ver=421139b01f33e5b327d8

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

9f377fff78979a9512f6620a50a44f96b2c2f3841d7a6d17adcceb11f1aae4ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 3525
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a60e9b-2018-615222d5b5c18-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api-fetch.min.js Show response
gilaherald.com/wp-includes/js/dist/ 5 KB
3 KB 92ms
90ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/dist/api-fetch.min.js?ver=4c185334c5ec26e149cc

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

93781ad228a73792c7336b0e02a03e1a5dafa104d2e90c07bdc9cc2c8085ba76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 2203
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a60ef5-1578-615222d5bd148-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 burst.min.js Show response
gilaherald.com/wp-content/plugins/burst-statistics/assets/js/build/ 7 KB
3 KB 61ms
55ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.6.1

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

e1f1864fbaf114547917639d073f4b3e1daadb8b2975cc240f303dfeedde8f76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 2760
x-xss-protection: 1; mode=block
last-modified: Fri, 03 May 2024 12:35:52 GMT
server: nginx
etag: "9812dd-1ab1-6178bf5d04b26-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
gilaherald.com/wp-includes/js/jquery/ 86 KB
29 KB 92ms
90ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 29769
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 16:10:08 GMT
server: nginx
etag: "a60fd8-15601-609a6522b4cbe-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
gilaherald.com/wp-includes/js/jquery/ 13 KB
5 KB 92ms
91ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 4685
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
etag: "a60fd0-3509-5fdabee5f2100-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
83 KB 248ms
59ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-PZX8D2F

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2d1345e1ab5e82f5113b8fc5360aec0227964373d0ca9cb292560c5add86870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 May 2024 23:03:57 GMT

GET
BLOB 200
OK 93f8cc5a-2e06-44f5-98e6-aec08a3a1127
https://gilaherald.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gilaherald.com/93f8cc5a-2e06-44f5-98e6-aec08a3a1127
Requested by: Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 221ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6649245897598120&host=ca-host-pub-2644536267352236

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c7f9ed77e452d3c71ed038403a52b72db3801fa1c205c227910c2a10ea16925b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51593
x-xss-protection: 0
server: cafe
etag: 6489751791503801149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 25 May 2024 23:03:57 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 227ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6649245897598120

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

41ff64fe4fa67802407a38711ad48c475f79d10ceaae44287c30f955f252d2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51561
x-xss-protection: 0
server: cafe
etag: 17335012616289387085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 25 May 2024 23:03:57 GMT

GET
H2 200 cropped-Gila-Herald-Header.jpg
gilaherald.com/wp-content/uploads/2023/04/ 104 KB
105 KB 79ms
78ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2023/04/cropped-Gila-Herald-Header.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

8f94c5866920b623223052caaa72ef50002cd4884ea4eb2301421434d82f80bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 16:58:50 GMT
server: nginx
etag: "13a1456-1a11b-5f88596ededa9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 106779
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Rebecca-Johnson-Law-Office-Ad.jpg
gilaherald.com/wp-content/uploads/2022/10/ 64 KB
64 KB 79ms
78ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2022/10/Rebecca-Johnson-Law-Office-Ad.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

094d4eabe8ea8aaa5b222806d2da0cf7771fba7aa66478b6dcb7b7e2092703a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:56 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 17:11:21 GMT
server: nginx
etag: "1b61f3c-ff93-5ec073aee6ce7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 65427
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Evo-A.-Deconcini-courthouse-735x400.jpg
gilaherald.com/wp-content/uploads/2019/04/ 68 KB
69 KB 756ms
755ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2019/04/Evo-A.-Deconcini-courthouse-735x400.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

c5489043bc78655f411a442c4ae372cef086732096f91d06d12eb2041c00b681

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 20 Apr 2019 18:56:14 GMT
server: nginx
etag: "94911d-11199-586faca16ef80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 70041
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ELT-0712_Summer-Class-2024_Digital-Ad_trad-age-336x560px-proof-1.jpg
gilaherald.com/wp-content/uploads/2024/04/ 59 KB
60 KB 53ms
45ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/04/ELT-0712_Summer-Class-2024_Digital-Ad_trad-age-336x560px-proof-1.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

edeb83286e0cb775b598badf7d91e8d555550b4393b785f7133aa0abed4ae03c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 17 Apr 2024 19:00:54 GMT
server: nginx
etag: "a62860-ed16-6164f795c4f8a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 60694
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GilaHerald-OHS-Banner-Fruit-and-Veggie.jpg
gilaherald.com/wp-content/uploads/2021/04/ 80 KB
81 KB 276ms
269ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2021/04/GilaHerald-OHS-Banner-Fruit-and-Veggie.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

b44d87ce35eae891e22e958608cabab6dc27c6398cdd9707d3a45c6fcb5d57cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 16:08:15 GMT
server: nginx
etag: "9e11f9-140a3-5bf3be7b619c0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 82083
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Safford-stone_revised.gif
gilaherald.com/wp-content/uploads/2021/09/ 149 KB
149 KB 60ms
55ms Image
image/gif 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2021/09/Safford-stone_revised.gif

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

774f3bcb8269d3b3c7e9588fb87b10dac655e27dc4ee39bfee433c3010879afb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 16 Sep 2021 17:03:15 GMT
server: nginx
etag: "a428fa-25201-5cc1fca619ac0"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 152065
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 McDougal-Caldwell.jpg
gilaherald.com/wp-content/uploads/2023/06/ 36 KB
36 KB 96ms
92ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2023/06/McDougal-Caldwell.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

86bfa971e877947b775d2f918a477a0a6bfbd6eaf58f676fb365c9aa7cabf52a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 16:25:55 GMT
server: nginx
etag: "c81bed-8f33-5fd13e4083ccc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 36659
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Pima-Fire-Training11-348x215.jpg
gilaherald.com/wp-content/uploads/2024/05/ 35 KB
35 KB 611ms
607ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/05/Pima-Fire-Training11-348x215.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

2f16920eca66247532665ef28d270dcd912c868b11ce32f0fece6ddce5511b3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 25 May 2024 18:00:53 GMT
server: nginx
etag: "aa4c4e-8b2d-6194b10b77f56"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 35629
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 EA-College-348x215.jpg
gilaherald.com/wp-content/uploads/2024/04/ 21 KB
21 KB 95ms
92ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/04/EA-College-348x215.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

db6b57ae73f27ef2a3d9e454b0a7e9d0c3f74f034f30478cab1026072d5d76ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 01:31:21 GMT
server: nginx
etag: "a6226c-542e-6154f69cdf880"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 21550
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
gilaherald.com/wp-content/plugins/social-warfare/assets/js/ 21 KB
6 KB 59ms
51ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.4.6.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 5607
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Apr 2024 12:13:23 GMT
server: nginx
etag: "9c00f2-550d-61594bb68a31d-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.js Show response
gilaherald.com/wp-content/themes/hitmag-pro/js/ 27 KB
9 KB 59ms
52ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/js/theme.min.js?ver=1.4.4

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

abc9edca9a4e15bd1a1e3d2dc82b927d853539e9819c6ea39a90e425ea7634b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 8821
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9a114b-6b84-6190ea487fcb1-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hitmag-front.js Show response
gilaherald.com/wp-content/themes/hitmag-pro/js/ 2 KB
958 B 60ms
53ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/js/hitmag-front.js

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

512526d138fb64333963d1fed82328f8cb0193fb9cabdea3d1900c52e4a9fa23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 583
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9a113d-6b7-6190ea487f0f9-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
63 KB 331ms
145ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWSZ7NZ

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6e743a0bcb5dd90ac7a548ea7fce16efffe29bea09db4e4998023eb86c6838c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64482
x-xss-protection: 0
last-modified: Sat, 25 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 May 2024 23:03:57 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
gilaherald.com/wp-content/fonts/lato/ 23 KB
23 KB 70ms
68ms Font
font/woff2 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 23039
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Aug 2023 15:55:34 GMT
server: nginx
etag: "8e028a-5a00-6030c536b1803-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4UaHrEJDsxBrF37olUeD96rp5w.woff2
gilaherald.com/wp-content/fonts/comic-neue/ 19 KB
19 KB 72ms
70ms Font
font/woff2 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/fonts/comic-neue/4UaHrEJDsxBrF37olUeD96rp5w.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

30032375de9172d3d74f03e435544f19b40f09dce208204ee9b9e92b29ef36b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 19137
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Apr 2023 17:14:20 GMT
server: nginx
etag: "8e09d5-4ac0-5f885ce66fb93-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
gilaherald.com/wp-content/themes/hitmag-pro/fonts/ 153 KB
153 KB 73ms
71ms Font
font/woff2 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/fonts/fa-solid-900.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/wp-content/themes/hitmag-pro/css/all.min.css?ver=6.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/wp-content/themes/hitmag-pro/css/all.min.css?ver=6.5.1
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
content-encoding: br
etag: "9810cb-26350-6190ea4873190-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
gilaherald.com/wp-content/themes/hitmag-pro/fonts/ 115 KB
115 KB 123ms
121ms Font
font/woff2 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/themes/hitmag-pro/fonts/fa-brands-400.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/wp-content/themes/hitmag-pro/css/all.min.css?ver=6.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/wp-content/themes/hitmag-pro/css/all.min.css?ver=6.5.1
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 117377
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2024 17:55:40 GMT
server: nginx
etag: "9810c7-1ca7c-6190ea48729c0-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sw-icon-font.woff
gilaherald.com/wp-content/plugins/social-warfare/assets/fonts/ 8 KB
8 KB 170ms
169ms Font
font/woff 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.4.6.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 7696
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Apr 2024 12:13:23 GMT
server: nginx
etag: "9c00d1-1e58-61594bb689765-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
gilaherald.com/wp-json/burst/v1/track/ 25 B
642 B 1312ms
1312ms Fetch
application/json 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-json/burst/v1/track/?token=kwoocla&_locale=user

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/wp-includes/js/dist/api-fetch.min.js?ver=4c185334c5ec26e149cc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

ff15e552ea42fdb9f26888e168f3a9c4a5738187eeec3d047d5dfbb9fec2a1aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, */*;q=0.1
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
X-WP-Nonce: e762a31e31
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
content-encoding: br
content-length: 29
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
allow: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gilaherald.com
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
x-sucuri-id: 15015
x-robots-tag: noindex
x-wp-nonce: e762a31e31
link: <https://gilaherald.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 wp-emoji-release.min.js Show response
gilaherald.com/wp-includes/js/ 18 KB
5 KB 110ms
110ms Script
text/javascript 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 4667
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 19:33:14 GMT
server: nginx
etag: "a61070-4926-615222d5bd918-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JD3NewAdproof1.gif
gilaherald.com/wp-content/uploads/2024/01/ 390 KB
390 KB 107ms
106ms Image
image/gif 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/01/JD3NewAdproof1.gif

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

031b22d3bceb14ef78981a1d0de7ba7a18708c835d657c4fc07470cbb7082f84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 15:57:22 GMT
server: nginx
etag: "a60029-6166b-60f3a6b3e3306"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 398955
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Gila-Health-Resources-AmbulanceAd.jpg
gilaherald.com/wp-content/uploads/2024/03/ 49 KB
50 KB 107ms
106ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/03/Gila-Health-Resources-AmbulanceAd.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

94df46dd07f333daac438bcc55a083d70d872cfd398c654eb5185f882734e761

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:05:19 GMT
server: nginx
etag: "a60c9d-c530-612ecd8d670fc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 50480
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PZ-SEAT_24.jpg
gilaherald.com/wp-content/uploads/2024/03/ 27 KB
27 KB 107ms
106ms Image
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2024/03/PZ-SEAT_24.jpg

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

63a58145771aee89c6885dd322dbc9c3724495f6b6c43553e90fa12644253b1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 06:12:49 GMT
server: nginx
etag: "a60cac-6c4c-612f7d92229bd"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 27724
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PaloVerde-Health-Services-Ad-1-1.png
gilaherald.com/wp-content/uploads/2023/11/ 117 KB
118 KB 107ms
106ms Image
image/png 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gilaherald.com/wp-content/uploads/2023/11/PaloVerde-Health-Services-Ad-1-1.png

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

b07ecdf2dc81ce1253b55a0a543a6cc86642500c7b95c06d5d67d3f9d29e43cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 05:13:27 GMT
server: nginx
etag: "c40def-1d4b2-60a29f69a8d45"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 119986
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/ 416 KB
141 KB 151ms
72ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6649245897598120&plah=gilaherald.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6649245897598120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c842b608d7b45f08b70a4969dde265092927c8226048fb9e4ddeb8eea7c4faaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143912
x-xss-protection: 0
server: cafe
etag: 3899014122752410893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 May 2024 23:03:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 137ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V0MM6NKQNM&gtm=45Pe45m0v895915750za200&_p=1716678237226&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=452412788.1716678238&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716678237&sct=1&seg=0&dl=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud%2F&dt=VanScoyk%20brothers%20sentenced%20in%20Aston%20Homes%20PPP%20fraud%20-%20The%20Gila%20Herald&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1956
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-PZX8D2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 25 May 2024 23:03:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gilaherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-6649245897598120 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 176ms
69ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6649245897598120?href=https%3A%2F%2Fgilaherald.com%2Fvanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6649245897598120&plah=gilaherald.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1afd4cd8d503e95ecca04c05a585e66e593d6c622c7b9b8d8d5a9eafd370061d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-nhShi7iLXmSmnkNM5i2koA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-nhShi7iLXmSmnkNM5i2koA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQt3--wDodiIW4Oe7dObmJTeBG30VFJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDUyNjPQOz-AIDAK_bNqE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVArs5l52DOWrbG__1AgNUvZFf-uK8o_jwAJTIeyciGzBQKHU05VBz4s-OrEgePcApLPaJdaYIDf5Jo1jWcWOFNi-WvOXw8oIrwgHBNNTd1i6_lDK9Eq-gwjd03CbEvlilQjJXGjQ== Show response
fundingchoicesmessages.google.com/f/ 402 KB
62 KB 99ms
97ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVArs5l52DOWrbG__1AgNUvZFf-uK8o_jwAJTIeyciGzBQKHU05VBz4s-OrEgePcApLPaJdaYIDf5Jo1jWcWOFNi-WvOXw8oIrwgHBNNTd1i6_lDK9Eq-gwjd03CbEvlilQjJXGjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2Njc4MjM4LDI3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9naWxhaGVyYWxkLmNvbS92YW5zY295ay1icm90aGVycy1zZW50ZW5jZWQtaW4tYXN0b24taG9tZXMtcHBwLWZyYXVkLyIsbnVsbCxbWzgsIlljVVc3RnFoUThrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyOTg0M10sbnVsbCw3XSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMyBMiD7kwPWWUT1cnOJEyBUMTFZww/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1342f437e1b14148574e30cb38e35764f5a4a6e13c30cdf8118f2470260d67ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MC8JZf-0Sik2d9yfWI3Tzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-MC8JZf-0Sik2d9yfWI3Tzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmTSAOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAnPTvPGsRELd_vsA6HYiFeDju3Tm5iU3gwqd7yxiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAxMjYz1DMziCwwArRs8oA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 149ms
57ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw3xjiMWmUVodLEbtvNHeRlRdU9gg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 May 2024 23:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 May 2024 23:03:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 May 2024 23:03:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 213ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 425585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 00:50:53 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 251ms
97ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: gilaherald.com
URL: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 10:44:53 GMT
x-content-type-options: nosniff
age: 44345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 May 2025 10:44:53 GMT

POST
H3 204 AGSKWxUgr4uBUEUfEI6SzG9iN5tBXfAyxlneRsE1zzldNWdJyJcFWpuCwWfjdpkU3gu-ilm6XvSyAdaNeHJ1ffKMUhyqTL6l0GT8EnPUzH-HcZD1INx0CdqjN9YJl_HEVZMCoaAwiYlUWA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 128ms
50ms XHR
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUgr4uBUEUfEI6SzG9iN5tBXfAyxlneRsE1zzldNWdJyJcFWpuCwWfjdpkU3gu-ilm6XvSyAdaNeHJ1ffKMUhyqTL6l0GT8EnPUzH-HcZD1INx0CdqjN9YJl_HEVZMCoaAwiYlUWA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3mzyuCsMY4XEvmy22xv2xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3mzyuCsMY4XEvmy22xv2xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoCxEI8HPfunNzEJnDh5N-dTEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUyFjPwDy-wAAA_iIjeA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gilaherald.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUgr4uBUEUfEI6SzG9iN5tBXfAyxlneRsE1zzldNWdJyJcFWpuCwWfjdpkU3gu-ilm6XvSyAdaNeHJ1ffKMUhyqTL6l0GT8EnPUzH-HcZD1INx0CdqjN9YJl_HEVZMCoaAwiYlUWA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ktsYVN2kiT4mwAlw-10DeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://gilaherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-ktsYVN2kiT4mwAlw-10DeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxEI8HPfunNzEJvDi4e8jTEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUyFjPwDy-wAAAEC8jtQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gilaherald.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 166ms
133ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:44:08 GMT
x-content-type-options: nosniff
age: 245990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:44:08 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 181ms
149ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:52:13 GMT
x-content-type-options: nosniff
age: 245505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:52:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 152ms
121ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gilaherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 22:30:33 GMT
x-content-type-options: nosniff
age: 88405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 22:30:33 GMT

GET
H2 200 Gila-Valley-Arizona-Temple-and-sunsetweb-150x150.jpg
gilaherald.com/wp-content/uploads/2018/01/ 6 KB
6 KB 39ms
39ms Other
image/jpeg 192.124.249.165
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gilaherald.com/wp-content/uploads/2018/01/Gila-Valley-Arizona-Temple-and-sunsetweb-150x150.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.165 Homewood, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10165.sucuri.net

Software

nginx /

Resource Hash

8df485a16a8add9dcb485a639adcccf85c70f06211327a5f138cf20bc33065ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gilaherald.com/vanscoyk-brothers-sentenced-in-aston-homes-ppp-fraud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 23:03:58 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 17:44:56 GMT
server: nginx
etag: "940941-16b4-563751ad45600"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
accept-ranges: bytes
content-length: 5812
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gilaherald.com/	1970-01-20 21:34:30	Name: burst_uid Value: d20e04a1b9918a07092b59a0f6768b9a
.gilaherald.com/	1970-01-21 06:27:18	Name: _ga_V0MM6NKQNM Value: GS1.1.1716678237.1.0.1716678237.0.0.0
.gilaherald.com/	1970-01-21 06:27:18	Name: _ga Value: GA1.1.452412788.1716678238

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gilaherald.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.googletagmanager.com
142.250.181.226
142.250.185.142
192.124.249.165
2001:4860:4802:34::36
2a00:1450:4001:800::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
031b22d3bceb14ef78981a1d0de7ba7a18708c835d657c4fc07470cbb7082f84
094d4eabe8ea8aaa5b222806d2da0cf7771fba7aa66478b6dcb7b7e2092703a2
0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7
1342f437e1b14148574e30cb38e35764f5a4a6e13c30cdf8118f2470260d67ee
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1afd4cd8d503e95ecca04c05a585e66e593d6c622c7b9b8d8d5a9eafd370061d
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1ec9452871829836b523832aa7bb082984eda0b8e64fc7ba7dcd66602daf2e58
2c051374591f7c373d512e10ab5538d9fdd17efeb861d7756933ad5b73ccab9f
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2f16920eca66247532665ef28d270dcd912c868b11ce32f0fece6ddce5511b3e
30032375de9172d3d74f03e435544f19b40f09dce208204ee9b9e92b29ef36b3
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41ff64fe4fa67802407a38711ad48c475f79d10ceaae44287c30f955f252d2e4
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
512526d138fb64333963d1fed82328f8cb0193fb9cabdea3d1900c52e4a9fa23
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
63a58145771aee89c6885dd322dbc9c3724495f6b6c43553e90fa12644253b1b
683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874
6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
774f3bcb8269d3b3c7e9588fb87b10dac655e27dc4ee39bfee433c3010879afb
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
86bfa971e877947b775d2f918a477a0a6bfbd6eaf58f676fb365c9aa7cabf52a
8df485a16a8add9dcb485a639adcccf85c70f06211327a5f138cf20bc33065ab
8f94c5866920b623223052caaa72ef50002cd4884ea4eb2301421434d82f80bb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93781ad228a73792c7336b0e02a03e1a5dafa104d2e90c07bdc9cc2c8085ba76
94df46dd07f333daac438bcc55a083d70d872cfd398c654eb5185f882734e761
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9d0368a3e000707e5773894dfdbadc2c83bc1ee27069859a8537d9809a64ccd4
9f377fff78979a9512f6620a50a44f96b2c2f3841d7a6d17adcceb11f1aae4ff
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a6e743a0bcb5dd90ac7a548ea7fce16efffe29bea09db4e4998023eb86c6838c
abc9edca9a4e15bd1a1e3d2dc82b927d853539e9819c6ea39a90e425ea7634b9
b07ecdf2dc81ce1253b55a0a543a6cc86642500c7b95c06d5d67d3f9d29e43cb
b44d87ce35eae891e22e958608cabab6dc27c6398cdd9707d3a45c6fcb5d57cc
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5489043bc78655f411a442c4ae372cef086732096f91d06d12eb2041c00b681
c7f9ed77e452d3c71ed038403a52b72db3801fa1c205c227910c2a10ea16925b
c842b608d7b45f08b70a4969dde265092927c8226048fb9e4ddeb8eea7c4faaa
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
db6b57ae73f27ef2a3d9e454b0a7e9d0c3f74f034f30478cab1026072d5d76ce
dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca
e1f1864fbaf114547917639d073f4b3e1daadb8b2975cc240f303dfeedde8f76
e2d1345e1ab5e82f5113b8fc5360aec0227964373d0ca9cb292560c5add86870
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
edeb83286e0cb775b598badf7d91e8d555550b4393b785f7133aa0abed4ae03c
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
ff15e552ea42fdb9f26888e168f3a9c4a5738187eeec3d047d5dfbb9fec2a1aa

gilaherald.com Open in urlscan Pro 192.124.249.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

63 %IPv6

7 Domains

7 Subdomains

9 IPs

2 Countries

2541 kBTransfer

4468 kBSize

3 Cookies

17 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gilaherald.com Open in urlscan Pro
192.124.249.165 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

9
IPs

2
Countries

2541 kB
Transfer

4468 kB
Size

3
Cookies

59 HTTP transactions
0 data transactions