www.henryherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.henryherald.com/
Submission: On October 16 via api (October 16th 2024, 7:01:45 pm UTC) from CA — Scanned from CA

Summary HTTP 346 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 84 IPs in 6 countries across 78 domains to perform 346 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.henryherald.com.
TLS certificate: Issued by WR1 on September 4th 2024. Valid for: 3 months.

This is the only time www.henryherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
44	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
10	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	142.250.80.67 142.250.80.67	15169 (GOOGLE) (GOOGLE)
11	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	52.216.145.69 52.216.145.69	16509 (AMAZON-02) (AMAZON-02)
2	50.21.179.247 50.21.179.247	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	108.138.106.56 108.138.106.56	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.148 142.251.40.148	15169 (GOOGLE) (GOOGLE)
1	152.195.19.97 152.195.19.97	15133 (EDGECAST) (EDGECAST)
2	216.17.94.178 216.17.94.178	10242 (USINTERNET) (USINTERNET)
3	13.35.93.31 13.35.93.31	16509 (AMAZON-02) (AMAZON-02)
10	142.250.80.104 142.250.80.104	15169 (GOOGLE) (GOOGLE)
6	18.238.63.215 18.238.63.215	16509 (AMAZON-02) (AMAZON-02)
6	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
12	142.251.40.142 142.251.40.142	15169 (GOOGLE) (GOOGLE)
2	108.138.106.70 108.138.106.70	16509 (AMAZON-02) (AMAZON-02)
2	23.203.179.38 23.203.179.38	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
3	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.53.173 104.22.53.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	18.164.111.42 18.164.111.42	16509 (AMAZON-02) (AMAZON-02)
1	74.119.117.4 74.119.117.4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.232.0.61 3.232.0.61	14618 (AMAZON-AES) (AMAZON-AES)
3	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
5	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
5	142.251.32.110 142.251.32.110	15169 (GOOGLE) (GOOGLE)
14	104.22.4.69 104.22.4.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	172.67.23.234 172.67.23.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.81.90.104 35.81.90.104	16509 (AMAZON-02) (AMAZON-02)
1 15	52.42.22.207 52.42.22.207	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
3	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
1	151.101.65.55 151.101.65.55	54113 (FASTLY) (FASTLY)
3	18.238.80.124 18.238.80.124	16509 (AMAZON-02) (AMAZON-02)
1	104.26.3.103 104.26.3.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.233.80.206 18.233.80.206	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.43.90 104.18.43.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.164.124.94 18.164.124.94	16509 (AMAZON-02) (AMAZON-02)
1	18.238.80.114 18.238.80.114	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.202 142.251.40.202	15169 (GOOGLE) (GOOGLE)
4	108.139.48.9 108.139.48.9	16509 (AMAZON-02) (AMAZON-02)
1 1	74.214.194.131 74.214.194.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	3.222.126.88 3.222.126.88	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.166.70.59 35.166.70.59	16509 (AMAZON-02) (AMAZON-02)
1 1	172.240.155.116 172.240.155.116	7979 (SERVERS-COM) (SERVERS-COM)
1 1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
1	51.222.39.187 51.222.39.187	16276 (OVH) (OVH)
2 4	98.82.157.231 98.82.157.231	14618 (AMAZON-AES) (AMAZON-AES)
4	18.173.132.82 18.173.132.82	16509 (AMAZON-02) (AMAZON-02)
8	142.250.176.193 142.250.176.193	15169 (GOOGLE) (GOOGLE)
1	130.211.10.17 130.211.10.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.45.193.13 23.45.193.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.65.170 142.250.65.170	15169 (GOOGLE) (GOOGLE)
1	34.120.58.62 34.120.58.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	142.250.65.193 142.250.65.193	15169 (GOOGLE) (GOOGLE)
1	142.250.65.206 142.250.65.206	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.72.110 142.250.72.110	15169 (GOOGLE) (GOOGLE)
7	3.209.42.86 3.209.42.86	14618 (AMAZON-AES) (AMAZON-AES)
1	54.158.203.65 54.158.203.65	14618 (AMAZON-AES) (AMAZON-AES)
1 5	108.139.47.33 108.139.47.33	16509 (AMAZON-02) (AMAZON-02)
1	104.18.166.97 104.18.166.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	18.238.55.120 18.238.55.120	16509 (AMAZON-02) (AMAZON-02)
1	142.250.80.54 142.250.80.54	15169 (GOOGLE) (GOOGLE)
3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	23.55.235.217 23.55.235.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	207.65.37.179 207.65.37.179	() ()
1	104.18.36.155 104.18.36.155	() ()
1	51.81.244.170 51.81.244.170	() ()
346	84

9 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.henryherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.145.69 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.21.179.247 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: cldsrv95.wehaaserver.com

gajobsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.148 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f20.1e100.net

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.17.94.178 (United States)

ASN10242 (USINTERNET, US)
PTR: 216.17.94.178.ip.usinternet.com

henrycounty.chambermaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.93.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-31.jfk50.r.cloudfront.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.80.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.106.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-70.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.111.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-111-42.jfk50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.0.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-0-61.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.32.110 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.90.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-90-104.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.42.22.207 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-22-207.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.mdjonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.55 (San Francisco, United States)

ASN54113 (FASTLY, US)

e.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.80.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-124.jfk52.r.cloudfront.net

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.103 (None, )

ASN13335 (CLOUDFLARENET, US)

events3.bqstreamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.233.80.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-80-206.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.164.124.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-94.jfk50.r.cloudfront.net

cdnmedia.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.80.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-114.jfk52.r.cloudfront.net

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.202 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.139.48.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-48-9.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.126.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-126-88.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.166.70.59 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-70-59.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.116 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.82.157.231 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-231.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.132.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-82.jfk52.r.cloudfront.net

selector.voltaxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.176.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.193.13 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-193-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.170 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com

www.americanhometownmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.193 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.209.42.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-42-86.compute-1.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.203.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-203-65.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.139.47.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-33.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.166.97 (None, )

ASN13335 (CLOUDFLARENET, US)

video.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

justapinch-com-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.55.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-120.jfk52.r.cloudfront.net

images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.54 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.235.217 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-217.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.179 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.155 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.81.244.170 (None, )

ASN- ()

pbs.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1450 a.ad.gt — Cisco Umbrella Rank: 1552 p.ad.gt — Cisco Umbrella Rank: 1739 ids.ad.gt — Cisco Umbrella Rank: 1464 pixels.ad.gt Failed seg.ad.gt — Cisco Umbrella Rank: 1970 proton.ad.gt — Cisco Umbrella Rank: 8121	46 KB
44	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 18233	603 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 cm.g.doubleclick.net — Cisco Umbrella Rank: 283 pubads.g.doubleclick.net — Cisco Umbrella Rank: 441	272 KB
16	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 345 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651 aax.amazon-adsystem.com — Cisco Umbrella Rank: 457 s.amazon-adsystem.com — Cisco Umbrella Rank: 352	95 KB
16	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 163 ade.googlesyndication.com Failed	544 KB
15	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8939 trends.revcontent.com — Cisco Umbrella Rank: 2636 Failed yeet.revcontent.com — Cisco Umbrella Rank: 9897 images.revcontent.com — Cisco Umbrella Rank: 10172	149 KB
15	sendtonews.com embed.sendtonews.com — Cisco Umbrella Rank: 12149 s2l.sendtonews.com — Cisco Umbrella Rank: 11920 cdnmedia.sendtonews.com — Cisco Umbrella Rank: 13244	2 MB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 analytics.google.com — Cisco Umbrella Rank: 147	75 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	244 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	693 KB
9	henryherald.com www.henryherald.com	102 KB
8	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	128 KB
6	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1183 lexicon.33across.com — Cisco Umbrella Rank: 1340	14 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 imasdk.googleapis.com — Cisco Umbrella Rank: 501	170 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 170	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	23 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1794	40 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 994 id5-sync.com — Cisco Umbrella Rank: 522	59 KB
4	voltaxam.com prediction.voltaxam.com Failed selector.voltaxam.com — Cisco Umbrella Rank: 16071	2 KB
4	mmvideocdn.com mp.mmvideocdn.com — Cisco Umbrella Rank: 10633	693 KB
4	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 867 ads.pubmatic.com — Cisco Umbrella Rank: 557 hbopenbid.pubmatic.com	68 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1011 bcp.crwdcntrl.net — Cisco Umbrella Rank: 976	27 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 446	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 373	2 KB
2	doubleverify.com video.doubleverify.com — Cisco Umbrella Rank: 43242 cdn.doubleverify.com — Cisco Umbrella Rank: 526 vtrk.doubleverify.com Failed	65 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 734	724 B
2	openx.net u.openx.net Failed justapinch-com-d.openx.net — Cisco Umbrella Rank: 68047 us-u.openx.net — Cisco Umbrella Rank: 516	596 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1693	144 KB
2	casalemedia.com ssum-sec.casalemedia.com — Cisco Umbrella Rank: 506 htlb.casalemedia.com	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 479 ib.adnxs.com — Cisco Umbrella Rank: 267 Failed	2 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1601	23 KB
2	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096	17 KB
2	chambermaster.com henrycounty.chambermaster.com	3 KB
2	appspot.com japfg-trending-content.appspot.com — Cisco Umbrella Rank: 37813	4 KB
2	gajobsource.com gajobsource.com	676 B
2	amazonaws.com s3.amazonaws.com	20 KB
1	nextmillmedia.com pbs.nextmillmedia.com	290 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 99	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	4 KB
1	americanhometownmedia.com www.americanhometownmedia.com — Cisco Umbrella Rank: 105019	103 KB
1	justapinch.com www.justapinch.com — Cisco Umbrella Rank: 59545	22 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 691	341 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 922	665 B
1	colossusssp.com 1 redirects sync.colossusssp.com — Cisco Umbrella Rank: 1632	675 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 541	852 B
1	bqstreamer.com events3.bqstreamer.com — Cisco Umbrella Rank: 10549	376 B
1	issuu.com e.issuu.com — Cisco Umbrella Rank: 40678
1	mdjonline.com www.mdjonline.com
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 461
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 503	99 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 486 prebid-server.rubiconproject.com Failed	1 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1324	177 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917	291 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2648	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2261	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 776	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3694	4 KB
1	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 28430 cdn-p.cityspark.com Failed	1 KB
0	brainlyads.com Failed report2.hb.brainlyads.com Failed
0	yieldmo.com Failed ads.yieldmo.com Failed
0	sharethrough.com Failed btlr.sharethrough.com Failed
0	3lift.com Failed tlx.3lift.com Failed
0	stickyadstv.com Failed ads.stickyadstv.com Failed
0	undertone.com Failed hb.undertone.com Failed
0	unrulymedia.com Failed targeting.unrulymedia.com Failed
0	lijit.com Failed ap.lijit.com Failed
0	windows.net Failed chambermaster.blob.core.windows.net Failed
0	2mdn.net Failed s0.2mdn.net Failed gcdn.2mdn.net Failed
0	turn.com Failed d.turn.com Failed
0	ccgateway.net Failed pb-rtd-minutemedia.ccgateway.net Failed pb-ing-minutemedia.ccgateway.net Failed
0	voltaxservices.io Failed factor-service.prod.voltaxservices.io Failed
0	smartadserver.com Failed sync.smartadserver.com Failed prg.smartadserver.com Failed
0	jsdelivr.net Failed cdn.jsdelivr.net Failed
0	legacy.com Failed www.legacy.com Failed
0	cloudfront.net Failed d3uvwl4wtkgzo1.cloudfront.net Failed
346	78

	Domain	Requested by
44	bloximages.newyork1.vip.townnews.com	www.henryherald.com
15	ids.ad.gt	1 redirects www.henryherald.com
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.henryherald.com pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
10	seg.ad.gt	p.ad.gt
10	p.ad.gt	a.ad.gt p.ad.gt
10	www.googletagmanager.com	www.henryherald.com www.googletagmanager.com p.ad.gt
10	securepubads.g.doubleclick.net	www.henryherald.com securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com
9	www.henryherald.com	www.henryherald.com
8	lh3.googleusercontent.com	www.henryherald.com
7	cdnmedia.sendtonews.com	www.henryherald.com mp.mmvideocdn.com
6	yeet.revcontent.com	assets.revcontent.com
6	a.ad.gt	cdn.hadronid.net www.henryherald.com p.ad.gt
6	fonts.gstatic.com	fonts.googleapis.com
6	c.amazon-adsystem.com	www.henryherald.com c.amazon-adsystem.com mp.mmvideocdn.com
5	sb.scorecardresearch.com	1 redirects www.henryherald.com
5	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net www.henryherald.com
5	s2l.sendtonews.com	mp.mmvideocdn.com
5	www.google-analytics.com	www.googletagmanager.com p.ad.gt www.google-analytics.com
5	cdn.segment.com	www.henryherald.com cdn.segment.com
4	images.revcontent.com	www.henryherald.com
4	selector.voltaxam.com	mp.mmvideocdn.com
4	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	mp.mmvideocdn.com	embed.sendtonews.com mp.mmvideocdn.com
3	pubads.g.doubleclick.net	video.doubleverify.com www.henryherald.com
3	www.youtube.com	bloximages.newyork1.vip.townnews.com www.youtube.com
3	imasdk.googleapis.com	mp.mmvideocdn.com imasdk.googleapis.com
3	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	id5-sync.com	cdn.id5-sync.com www.henryherald.com
3	lexicon.33across.com	1 redirects www.henryherald.com cdn-ima.33across.com
3	cdn-ima.33across.com	www.henryherald.com securepubads.g.doubleclick.net
3	assets.revcontent.com	www.henryherald.com assets.revcontent.com
3	embed.sendtonews.com	www.henryherald.com mp.mmvideocdn.com
3	fonts.googleapis.com	www.henryherald.com mp.mmvideocdn.com
2	proton.ad.gt	p.ad.gt
2	trends.revcontent.com	assets.revcontent.com
2	dpm.demdex.net	2 redirects
2	ad.360yield.com	2 redirects
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	cm.g.doubleclick.net	1 redirects www.henryherald.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	id.hadron.ad.gt	cdn.hadronid.net
2	analytics.google.com	www.googletagmanager.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.id5-sync.com	www.henryherald.com securepubads.g.doubleclick.net
2	cdn.hadronid.net	www.henryherald.com
2	tags.crwdcntrl.net	www.henryherald.com securepubads.g.doubleclick.net
2	secure.cdn.fastclick.net	www.henryherald.com
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	henrycounty.chambermaster.com	www.henryherald.com henrycounty.chambermaster.com
2	japfg-trending-content.appspot.com	www.henryherald.com
2	gajobsource.com	www.henryherald.com gajobsource.com
2	s3.amazonaws.com	www.henryherald.com
2	www.gstatic.com	www.henryherald.com
1	pbs.nextmillmedia.com	mp.mmvideocdn.com
1	htlb.casalemedia.com	mp.mmvideocdn.com
1	hbopenbid.pubmatic.com	mp.mmvideocdn.com
1	us-u.openx.net	www.americanhometownmedia.com
1	cdn.doubleverify.com	video.doubleverify.com www.henryherald.com
1	i.ytimg.com	www.henryherald.com
1	justapinch-com-d.openx.net	www.americanhometownmedia.com
1	video.doubleverify.com	imasdk.googleapis.com
1	cdnjs.cloudflare.com	bloximages.newyork1.vip.townnews.com
1	www.americanhometownmedia.com	www.henryherald.com
1	ads.pubmatic.com	assets.revcontent.com
1	www.justapinch.com	www.henryherald.com
1	onetag-sys.com	www.henryherald.com
1	sync.go.sonobi.com	1 redirects
1	sync.colossusssp.com	1 redirects
1	bh.contextweb.com	1 redirects
1	events3.bqstreamer.com	mp.mmvideocdn.com
1	e.issuu.com	www.henryherald.com
1	www.mdjonline.com	www.henryherald.com
1	gum.criteo.com	static.criteo.net
1	sync.1rx.io	www.henryherald.com
1	ssum-sec.casalemedia.com	www.henryherald.com
1	token.rubiconproject.com	www.henryherald.com
1	api.segment.io	cdn.segment.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	www.google.ca	www.henryherald.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.cityspark.com	www.henryherald.com
0	ade.googlesyndication.com Failed
0	report2.hb.brainlyads.com Failed
0	ads.yieldmo.com Failed	mp.mmvideocdn.com
0	btlr.sharethrough.com Failed	mp.mmvideocdn.com
0	tlx.3lift.com Failed	mp.mmvideocdn.com
0	ads.stickyadstv.com Failed	mp.mmvideocdn.com
0	ib.adnxs.com Failed	mp.mmvideocdn.com
0	hb.undertone.com Failed	mp.mmvideocdn.com
0	prg.smartadserver.com Failed	mp.mmvideocdn.com
0	prebid-server.rubiconproject.com Failed	mp.mmvideocdn.com
0	targeting.unrulymedia.com Failed	mp.mmvideocdn.com
0	pb-ing-minutemedia.ccgateway.net Failed	mp.mmvideocdn.com
0	gcdn.2mdn.net Failed	www.henryherald.com
0	vtrk.doubleverify.com Failed	video.doubleverify.com
0	ap.lijit.com Failed	www.americanhometownmedia.com
0	8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	chambermaster.blob.core.windows.net Failed	www.henryherald.com
0	pixels.ad.gt Failed	p.ad.gt
0	s0.2mdn.net Failed	imasdk.googleapis.com
0	cdn-p.cityspark.com Failed	cdn.cityspark.com
0	d.turn.com Failed	www.henryherald.com
0	u.openx.net Failed	www.henryherald.com
0	prediction.voltaxam.com Failed	mp.mmvideocdn.com
0	pb-rtd-minutemedia.ccgateway.net Failed	mp.mmvideocdn.com
0	factor-service.prod.voltaxservices.io Failed	mp.mmvideocdn.com
0	sync.smartadserver.com Failed	www.henryherald.com
0	cdn.jsdelivr.net Failed	securepubads.g.doubleclick.net
0	www.legacy.com Failed	www.henryherald.com
0	d3uvwl4wtkgzo1.cloudfront.net Failed	www.henryherald.com
346	121

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.news-daily.com
www.myjpa.com
www.georgiapublicnotices.com
classadz.vdata.com
www.georgiapublicnotice.com
www.tvinsider.com
gajobsource.com
www.justapinch.com
japfg-trending-content.appspot.com
www.henrycounty.com
smeagol.revcontent.com
www.gajobsource.com
www.greateratlantaautos.com
www.microsoft.com
www.google.com
www.mozilla.org
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
henryherald.com WR1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-09-18` - `2025-09-16`	a year	crt.sh
gajobsource.com R10	`2024-09-13` - `2024-12-12`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M03	`2024-09-21` - `2025-10-20`	a year	crt.sh
*.appspot.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-23` - `2025-07-24`	a year	crt.sh
*.chambermaster.com Go Daddy Secure Certificate Authority - G2	`2024-08-23` - `2025-09-24`	a year	crt.sh
revcontent.com Amazon RSA 2048 M03	`2024-04-18` - `2025-05-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
hadronid.net WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
cdn.prod.uidapi.com E6	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-09-16` - `2024-12-15`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.ca WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
p.ad.gt WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
casalemedia.com E6	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
mdjonline.com WR1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-10` - `2025-10-12`	a year	crt.sh
mp.mmvideocdn.com Amazon RSA 2048 M02	`2024-03-27` - `2025-04-25`	a year	crt.sh
bqstreamer.com WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh
*.sendtonews.com Amazon RSA 2048 M02	`2024-03-18` - `2025-04-15`	a year	crt.sh
confiant-integrations.net WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
cdnmedia.sendtonews.com Amazon RSA 2048 M02	`2024-07-01` - `2025-07-30`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
lexicon.33across.com WR3	`2024-09-06` - `2024-12-05`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
*.voltaxam.com Amazon RSA 2048 M03	`2024-04-11` - `2025-05-10`	a year	crt.sh
*.googleusercontent.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2024-04-29` - `2025-05-31`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
seg.ad.gt WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
www.americanhometownmedia.com Go Daddy Secure Certificate Authority - G2	`2024-05-13` - `2025-06-14`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
video.doubleverify.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
proton.ad.gt WE1	`2024-09-07` - `2024-12-06`	3 months	crt.sh
edgestatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-11` - `2025-03-14`	a year	crt.sh
*.nextmillmedia.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.henryherald.com/
Frame ID: B4C64358627D3F422C1058C8B782A2E2
Requests: 290 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: B7EF487B9C45693A2C04795AA12D595E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-3129558407352269&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1729105268&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.henryherald.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729105279907&bpp=6&bdt=7710&idt=211&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5561657985040&rume=1&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087892%2C31087986%2C44795921%2C95341937%2C95344189%2C31061691%2C31061692&oid=2&pvsid=478677450668246&tmod=2000360189&uas=0&nvt=1&fsapi=1&fc=1920&brdim=220%2C220%2C220%2C220%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=552
Frame ID: 003646564FF9515F2B7BCBC0A657A9F3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3D09E5B1362765D82DE7E2DA92EEC86F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1023424955.1729105281&gtm=45je4ae0v887101457z8861227858za200zb861227858&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1197646105
Frame ID: 7C7991123CAC3D59A8CFEB186E0D347F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.henryherald.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: 8A27CA829D8BBB4B37788EE62D0295EF
Requests: 1 HTTP requests in this frame

Frame: https://gajobsource.com/places/widget/widget:1/type:300x250
Frame ID: 325392BF000D7DB39DFDBAEDF3F46926
Requests: 1 HTTP requests in this frame

Frame: https://www.mdjonline.com/tncms/block/1649425/
Frame ID: CDD7FA495BA4C5DA91247C1B0C2BB926
Requests: 1 HTTP requests in this frame

Frame: https://e.issuu.com/embed.html?d=comlv_&u=cobblifemagazine
Frame ID: 1C10E4D20A79691327A5DCEC40C345F7
Requests: 1 HTTP requests in this frame

Frame: https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Frame ID: 42868815B6C1C629A6C091D434A33211
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 5EF1B53384E314F30576249BB14BC7D7
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: B48D2D83FC1BD02F0DAF21AACDA211E3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html
Frame ID: DFC246D9199263ECD3D7C687D9CDDFAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4F38E4E8B081AA516DA69D834DB75C4E
Requests: 1 HTTP requests in this frame

Frame: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38C1FB89DDDEB3AB1370099CEDF76EE3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise&dcc=t
Frame ID: 899AE379E7493D94B7AB5B5E444B5CC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssviFfen7bbbtxNdqI6cyz_f-fRA3Koso-v0OgH16p8nw32QGDxls6z7D9kyWuOZaBYOiC24SUPtM6ER9nm2_0_2UuX-703V75WndkLLNlLkcNjGGR34aKKOgB3vfSL2T_pQm3zVWejGTGrL8RLN1mc5roClu5J5oSFtIqbooTQtnNiYoZPv_KxKPpwB4tY1RxGQPtLXo0IQjAURimjvjcxlBpLxz33xEchMUK_4UdBJ3sA0rUkV8ZvYIKk56CCpNhsza0lkvIHJT8QCGWIOOdILsof4tXT_-bx8OiCfPuxwQ1ELbk2-xF9WjvvHPvBPjFiELLSPpwcIv7hZxDhYco-NLGs-juAvlP7wKleXYz7qpApx1yeCRD3GtySzVdlTW2EYFZYsdAJHvioAbk2C4ft0ADiHfYrjerImM9PUV8&sai=AMfl-YQAjgBKxfYMvqjnh1FQaLeJz3Uq7g7K3IipwQOfceSVEY6g25vI-AuQ2gcITW9XFJ1XuduJ8mpSB-PWw4f9y2vgOgOAX6tb8z2-3vpvU3TwLH_tiAG4uz2Dc54&sig=Cg0ArKJSzGhT5xe6HXpzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F9FB595138103C1FD87AB504C0DE3957
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Oa0VkxUIAPQ?enablejsapi=1&autoplay=1&loop=1&playlist=Oa0VkxUIAPQ&modestbranding=1&controls=1
Frame ID: 67D8450E8711BE604BDC264DF6E20D65
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 4A23513AD23F786329C76AAAE617696A
Requests: 7 HTTP requests in this frame

Frame: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CD9D013EB1CC68CA5A203E46A3F2213
Requests: 1 HTTP requests in this frame

Frame: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2B3234DBBC4ACC5E14E7AE262F764B2
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 5A2ABD1159D8B0138569A27F248CAB9E
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: F93BEBC2BB67C5FEAB16A491012E4364
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 79EA500C08B5708613DE57743A812158
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements6813.js
Frame ID: DA91989B70D9E3B8DAC40DBA9036E07A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

henryherald.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

346
Requests

83 %
HTTPS

0 %
IPv6

78
Domains

121
Subdomains

84
IPs

6
Countries

6381 kB
Transfer

15459 kB
Size

119
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsskRKSUQHv96fcKVxn_q_0w5zG-JZVbNB654VcfAQykYYohJ9mSbERV_Bjf-xQnOWZvMg21p1U4bhh5NGf_LIuxpspIZxSuMvhK9kxsoQSvxjDLhQ67L67BT77PSZJ_aZzabP1y-4sLQ-RBKjpp57vd7kAb3vukvPwHNlsGJEVtZlKH0FOuTR-Fym-Sad83jXfQ1hjc4c1xlpuaKEvFNEphlw7jQ1kvS-PlYSTcIXLsl2RQ9NsP2dLvqeAxZSh6u9_oaIttKyoIdhtJnaUXZ1xe4KQUDk50yqz9k4b8UoY0Xp2TZqKYQRRx7i9_UJDTf36EqOrL1q6De5jjsYAEYMbsF_wdk9wjTL5o-zyLEkB0kRXbZzDb-K7tGnByx9LCpTmRZNHSMbEh&sai=AMfl-YQoqxxTVpTFrEoTDhvZJAjqDszVXODQyuyJ0_b-948gKRSegUa0trhsX6C46648g-j23rolol6bpppFpxMkBb-yxdAnSKPf-OxyiuI3D25DxTWZINS9UdzBvAg&sig=Cg0ArKJSzI9pfVdt2rz7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https%3A%2F%2Fwww.scandrett4sheriff.com%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thehenryherald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thehenryherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvEupwm9DrZ_S0qABdI6c4Q
Title: YouTube

Search URL Search Domain Scan URL

URL: https://instagram.com/thehenryherald
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.news-daily.com/
Title: Clayton News

Search URL Search Domain Scan URL

URL: http://www.myjpa.com/
Title: Jackson News

Search URL Search Domain Scan URL

URL: http://www.news-daily.com/sports/
Title: Clayton Sports

Search URL Search Domain Scan URL

URL: https://www.georgiapublicnotices.com/
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://classadz.vdata.com/MariettaTimesJournal/Advertising/Advertiser
Title: Place ad

Search URL Search Domain Scan URL

URL: https://www.georgiapublicnotice.com/
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.tvinsider.com/
Title: TV Insider

Search URL Search Domain Scan URL

URL: https://gajobsource.com/

Search URL Search Domain Scan URL

URL: https://www.justapinch.com/recipes/side/vegetable/brown-sugar-cinnamon-butternut-squash.html?utm_source=Southern+Community+Newspaper+%28TRX%29&utm_medium=curatorcrowd&utm_campaign=RTDX&utm_content=https%3A%2F%2Fwww.henryherald.com%2F

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10238&p=/recipes/main-course/turkey/grannas-cornbread-dressing.html&s=10000&do=www.henryherald.com
Title: Carly B.Lubbock, TX

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10238&p=/recipes/dessert/cake/oatmeal-cake-12.html&s=10000&do=www.henryherald.com
Title: Jolayne C.Americus, GA

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10238&p=/recipes/side/potatoes/best-oven-baked-fries-and-potato-wedges-2.html&s=10000&do=www.henryherald.com
Title: BonniE !.Cottonwood, CA

Search URL Search Domain Scan URL

URL: https://www.henrycounty.com/

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/3NwXVBtPsDhK4tUyiJZnWKbleV72TjGJkfLvntqDAxujTRgWD8eqNqKZ5fchU_od4tnXjrM9iE-x95XWbjfS8JfiEGITzODf_8p2Ws0aZCDeMFeel4BjMUZEx-9vUDJtdA0y3pXidO7PLdDKRTmPb_bsP4qMiR1H4JGBLwTbUKjUeftSwoIruYKqeClFMvDSToZiZGJpcAJwQUPIQLXfBqZVIq5Kvl5EQTBgIm1VlPJZxBosZoVWg5OfG02fBXee1-reU72UfBoILptTjIilpnaZ58o7wO-aL-E5jUejqPJeBrlhrLFljZK2qWso2qClO57LAaRrokXQgIclxIJAB29u5EOIrF9pEPJs794-ydyJJDatRiTGUG9MdvTbqAe0-JiCbIFZxqidd5rdESguLunw8gQ7J9eZkUatu4AThZbzoexonqEtHIH-IHaa_WCxfEa-bFAI0tl74AfIC5ebV7wBcg-34X_HweWYlwbyVKw2pbyN85ssu6y-YS7P_s-AwGHS3aRSXnZ6h_Ionb_aUxjvA4kEjvG679ov_vrFPyQdjwahE16Ar1qufeKauzLut_OD-JtMZgI1naipv0kuHD4-uAzUmaBcvEIr6P1w_d7RL5tqSL0g6nZFxlD6D2z4R8Uu_vctBPpCTynLh7pqV-NosrekwXiitkurTxVZR7_O0Hfc0XahUntSrVgEXhesOaQUbmy8h6nfck8ldpH3_FMRZa1GC8BapHPKSoEOiH1hTcsE9zaiUJ4aB9yEbSKKlCSTSiDRtE1qYwbJ1wEeHzRLrNzW_waFNIivEMF0aGpg1mMlJ4KGBpRo8jP9VXdzLUaniRhrHR3CP5-48Av_DSmnHJZtRFmFbxJ_08MRZBzzV81Uwtt25G1x4aTRwtcXMoiAY5mLXIvIYfQCrIhyfqJ4vNwFdQ?p=GgFDMI-bwLgGOiRiZGViNzEzZS1jNDE1LTQyOWQtOWFmMi00ZTY5N2QxYWFiNzNCJGZlZTAxMDdlLWY5ZTItNDNmZS04Zjk1LTJiMzE0YmUzYjRiZEoLd2hpZS13YWxrZXJQ5pwJWPWREWIPaGVucnloZXJhbGQuY29tagdkZXNrdG9wkAEB2AGyjvABkQKF61G4HoXrP6oCDDE1NC40Ny4xNy40MeoCEQoIZ3JheV9pbXASBWZhbHNl6gISCgl0ZXN0X21vZGUSBWZhbHNl6gIXCg51cHNjYWxlZF9pbWFnZRIFZmFsc2U
Title: Ontario Baby Boomers Can Get Up To $100k in Life Insurance As Low As $9.66/mo*

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/3ZJu29J5FnwqoDj5payFj-SLNIcXYkzu7j0929bvcuxgnyn5EjhsjfvME37pRJcaEIKThYfXYUA5F_PqQ0U9EZ3hWwRkTUqpeV3h-EYBoTqFpOI1Obx_SJDSdlKIiwq43qumZqwhgNrPVK_49TXKpFIqUNz7FziiGL8A4OZslfd_7m_7YP4fP2B7m7UU6EABcU9ol2xPx53P_EokDl4p8Ou4TM0lJ6MwvsVP0SRXeE63wrf9gThPl6GAa78WfbSPHUJeqYkzmeE9ap4217e0AFl103S200p0Jv13ssr-gIfH14ke-FyCIMo7LNmlmXVvAdBYUd0smiNRXHMq2x7q7DjhO1hrk4cZ-iCtA7nE679w-yq9Wh9kfTHs3P2T9nTbFr6jt7iSZ-Z5xthLPcU21DTEAS1Rnvhhqi3qovKhvFA9W-xQFfNoDwfr_blH1U1n3LJTKvPzHWQUqVhkVbgOWYRClZ0KObuHxRSy3h1wNSEyBHrZt1_2OendYFK2MF9xdiR3iXpG5NPdLZdf7yKM0BWCnuigtSMPUuphyOI2AMdbKQ_6vao1yY4ukpcpWVxdaHiwBs1CJdI_yyALuZMyFPn9QmMKY0Y6bHNqoZEIj2AevhYJicU4p0MN0QQZcYldY8t_x8ZgVGTIvTLe6h52v4PQVjr7jY8VTvaAK3Dea9IXQSTUluOc5I69mj1ts-8FcMpCMu6pZWNyXucfvwKHP-Bnad-dOdQ?p=GgFDMI-bwLgGOiRiZGViNzEzZS1jNDE1LTQyOWQtOWFmMi00ZTY5N2QxYWFiNzNCJGZlZTAxMDdlLWY5ZTItNDNmZS04Zjk1LTJiMzE0YmUzYjRiZEoLd2hpZS13YWxrZXJQ5pwJWPWREWIPaGVucnloZXJhbGQuY29tagdkZXNrdG9wkAEC2AGyjvABkQKF61G4HoXrP6oCDDE1NC40Ny4xNy40MeoCEQoIZ3JheV9pbXASBWZhbHNl6gISCgl0ZXN0X21vZGUSBWZhbHNl6gIXCg51cHNjYWxlZF9pbWFnZRIFZmFsc2U
Title: What's The Best Way To Make A Second Income Per Month

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/cf5SS2BW1FxubOJ-AKfUtpkXE6uFaixSfq8EhXDMM5vhxjdh-JvUaUYSyLs-OiKld5XJzJUx2iYd6XS9Wc7acPQntmnwApuNNGV5360aEAacGHmtpZiYJaSx_OnOMlCxiBwl5wmof5OFbakMxnuFpUAyJCtkmbKKFfVxYPC24QW_bPX4Pud8lWHgGwdmzmX0cxAdpOVYIvLl-w0g7MHVZ08TaBfoxle4xR0jzWJNCU-xNGz4vXlb34wc_ZHGerSYNu3a4PrFTDABH3-9nycvRI6SneaZSnkir7iqv_MP-H_Cgcc2I3BTblqtbFemBBm0_q-bpf9nnYvT3F5xvBx1irWRjizu_JtGjhvajiDgTnLgOl8BKZyLDsZIpuKO3rN8G9Nrq9mxEjCh1G7m4t7c8FkkWVxEZMN92TCfSlx7NzimA3EN5l271-4jvT_hTMHndEmZhZ9NG5hDoaI7k7kMc2HnnSq_MH1VRS9djw7sRD255B-cciWLr6kVwLybuyLwS8p1Rzadzo_3-vH2e7Hw9IrscSwCxlm_Iryxy8UzNOGFnMnzroxBIgjeMgvsds2HdMBJvNJxK3P1vssh5_H8b8UoVS3T-dgAhgr4tR5uNaqsIQ6zo8gnVXnKXNvRCuvl81dwvJcF-uFaviEWuXzN02vJtYUgRHGrKVBmGJmj-8gPvyUj2GOmav72kW0DS8-6r76qiaegckU?p=GgFDMI-bwLgGOiRiZGViNzEzZS1jNDE1LTQyOWQtOWFmMi00ZTY5N2QxYWFiNzNCJGZlZTAxMDdlLWY5ZTItNDNmZS04Zjk1LTJiMzE0YmUzYjRiZEoLd2hpZS13YWxrZXJQ5pwJWPWREWIPaGVucnloZXJhbGQuY29tagdkZXNrdG9wkAED2AGyjvABkQKF61G4HoXrP6oCDDE1NC40Ny4xNy40MeoCEQoIZ3JheV9pbXASBWZhbHNl6gISCgl0ZXN0X21vZGUSBWZhbHNl6gIXCg51cHNjYWxlZF9pbWFnZRIFZmFsc2U
Title: Canadian Citizens 1964-1994 Should Be Aware of Their Earning Capacity

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/sM09_-praRi5bO201x0FVXjTRu8tFFdoFnaVSZGf88Z_T6uETo_QVjJ8afSqHH1_Rqos6GZyqD3XNSmUoZtoCIlcCHw6l5q6vXMbTjB2kwPGQjEN1HguAzBtplkwpKvfqMoN1jkCRpek83rVxvHbnEru5ovQNpIR5cW2_N8X6N8byS3ZqHVp2b0U4i57_oqBLmlVDgJFe0UGWTezY1ziRmRXWLJfoK1Pqrb89pKUK7pgnegG_3brKorPWAlxiU49QZGB6V9PQZzh0pmOKfkPvam254ehaqnfnZy6R0OF1M5kiMkhICLw6Ewc65STpElGnTGTD-Zf8E_bSLgV-l3zt2s-IyLCEU0jzu4SvNKpM193cVRh8o93pQWtGIJM57wVMU5YkrIYXsOuWPNL_Do28R6UqjIV04hfFGn-A5a7ICabww9YqeQLT26pacC9DXwFSFMZQKadUpCjwx2RVgDI0_62gnhxGUV49MG8y6HlQKAlLpJxkTCinov3Bcg6deNooHtvJO9KoJ4kAIt6WLvW8e1e4dsdGny1_elSdMH-nK6LvVI0OB3YKF1ULU-eprBAmqxdh8UH5f9cR_HSTFaGk0VyC6rKuZtk33FnBmOt89JLEZgJvzEIs1YmZc_dW2M?p=GgFDMI-bwLgGOiRiZGViNzEzZS1jNDE1LTQyOWQtOWFmMi00ZTY5N2QxYWFiNzNCJGZlZTAxMDdlLWY5ZTItNDNmZS04Zjk1LTJiMzE0YmUzYjRiZEoLd2hpZS13YWxrZXJQ5pwJWPWREWIPaGVucnloZXJhbGQuY29tagdkZXNrdG9wkAEE2AGyjvABkQKF61G4HoXrP6oCDDE1NC40Ny4xNy40MeoCEgoJdGVzdF9tb2RlEgVmYWxzZeoCFwoOdXBzY2FsZWRfaW1hZ2USBWZhbHNl6gIRCghncmF5X2ltcBIFZmFsc2U
Title: If You Do This at Night, the Pants Won’t Fit the Next Day

Search URL Search Domain Scan URL

URL: http://www.gajobsource.com/henry/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.greateratlantaautos.com/
Title: Greater Atlanta Autos

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1--- HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1---&b=1&tp=qrOUGlc7E0%2BQg4VcAgrVrAWSd6fyHvgce99ESizJP2U%3D

Request Chain 135

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=8539633969967250559&gdpr=0

Request Chain 136

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=2d3729d5-b806-4067-822d-2decd7d2b6d0&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

Request Chain 137

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=FB66445C-C3F3-44ED-8C0A-4EBDD069BC32&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

Request Chain 139

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001729105284-ZO8LXXYM-6PWP%252526tapad_id%25253D9f4b967b-9b8a-4009-b171-1f34dcaedc2e%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d3729d5-b806-4067-822d-2decd7d2b6d0&ttd_puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001729105284-ZO8LXXYM-6PWP%2526tapad_id%253D9f4b967b-9b8a-4009-b171-1f34dcaedc2e%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&tapad_id=9f4b967b-9b8a-4009-b171-1f34dcaedc2e

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&google_gid=CAESEBnfPwinZWwCWGcUB9z9K_0&google_cver=1&google_ula=450542624,0

Request Chain 141

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTEwNTI4NC1aTzhMWFhZTS02UFdQ

Request Chain 199

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=EaEUmMnk2Wkt&ev=1&pid=562316&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

Request Chain 202

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&impr_uid=cec14f94-bebb-4311-8644-c7c929151504

Request Chain 203

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=44798942743196665340047150774923446324&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

Request Chain 204

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP HTTP 302
https://ids.ad.gt/api/v1/colossus?cls_id=d81c5494-fcca-4936-a151-ff9a19b1ea8d&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

Request Chain 205

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0

Request Chain 214

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t

Request Chain 235

https://id5-sync.com/i/914/8.gif?o=api&id5id=ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G&gdpr_consent=undefined&gdpr=false HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=2d3729d5-b806-4067-822d-2decd7d2b6d0&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/914/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/914/2/6/3.gif?puid=8539633969967250559&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/914/108/5/4.gif?puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/914/434/4/5.gif?puid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0&gdpr_consent=

Request Chain 259

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise&dcc=t

Request Chain 267

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCX1o7qQhABGAEyCFonFL5Le1nV HTTP 301
https://tpc.googlesyndication.com/simgad/5723088144446316408

Request Chain 268

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCX1qbDIRABGAEyCD79Tb4DWM35 HTTP 301
https://tpc.googlesyndication.com/simgad/8233330427528090527

Request Chain 276

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105293390&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4188&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105293390&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4188&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=

346 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.henryherald.com/ 411 KB
64 KB 3419ms
3239ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

be4d73d8f5bd72ddf86ff4bfa39757dc308a209432fdcbca401eaa28c7cac0a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding: gzip
content-length: 63607
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 19:01:12 GMT
etag: W/aadfcb03a9e1e9f323f5e576d2280f27
last-modified: Wed, 16 Oct 2024 19:01:08 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.82.0; app13; 3.16s; 6.8M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xrds-location: https://www.henryherald.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 7346ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
age: 13411623
expires: Thu, 13 Mar 2025 15:33:59 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd992b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
www.henryherald.com/shared-content/art/tncms/user/ 4 KB
2 KB 55ms
36ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6707d795-ee3"
age: 105
accept-ranges: bytes
content-length: 1658
date: Wed, 16 Oct 2024 18:59:26 GMT
last-modified: Thu, 10 Oct 2024 13:33:09 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 7340ms
86ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
age: 19949051
expires: Thu, 28 Nov 2024 07:10:24 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd98bb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 7314ms
60ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66922-841f"
age: 13879501
expires: Thu, 13 Mar 2025 18:01:21 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd98db408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 7344ms
91ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-2d77"
age: 14623592
expires: Thu, 13 Mar 2025 18:01:21 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd993b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.0758030105fdd3a70dff03f4da4530e2.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 7315ms
63ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6707d183-1166"
age: 76785
expires: Wed, 15 Oct 2025 19:01:51 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Oct 2024 13:07:15 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd990b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1636
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 7337ms
86ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6564a921-9b8"
age: 19960946
expires: Thu, 28 Nov 2024 10:17:10 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Mon, 27 Nov 2023 14:35:13 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd98fb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 7311ms
60ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66920-1ac2e"
age: 14623592
expires: Thu, 13 Mar 2025 16:44:41 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd985b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 7315ms
65ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f1b7c5-26de1"
age: 1291032
expires: Wed, 01 Oct 2025 19:01:27 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2024 18:47:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd984b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34470
server: cloudflare

GET
H2 200 theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
9 KB 7340ms
91ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f7-a358"
age: 4921055
expires: Wed, 20 Aug 2025 19:01:17 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:07:35 GMT
vary: Accept-Encoding
x-vcache: HIT
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd988b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9533
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
2 KB 3516ms
99ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

87767252cdad9bc33f0b331cd2cee841459fdb852f523511d3d6e6b7d043aac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 19:01:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 928 B
560 B 7306ms
62ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-3a0"
age: 8450624
expires: Thu, 13 Mar 2025 19:25:23 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd983b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 448
server: cloudflare

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 7302ms
59ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-183e"
age: 14634499
expires: Thu, 13 Mar 2025 18:01:21 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd986b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1979
server: cloudflare

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
409 B 7306ms
63ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d97d5-213"
age: 53405
expires: Thu, 03 Jul 2025 17:06:24 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Thu, 27 Jun 2024 16:48:21 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd98ab408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 263
server: cloudflare

GET
H2 200 tntslider.61e562ee97efb10698d15f5cee4962dc.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 7326ms
85ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.61e562ee97efb10698d15f5cee4962dc.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-1411"
age: 329684
expires: Thu, 13 Mar 2025 16:55:34 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd987b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1362
server: cloudflare

GET
H2 200 csrf.js Show response
www.henryherald.com/shared-content/art/tncms/api/ 940 B
763 B 43ms
40ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6707d795-3ac"
age: 143
accept-ranges: bytes
content-length: 537
date: Wed, 16 Oct 2024 18:58:48 GMT
last-modified: Thu, 10 Oct 2024 13:33:09 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
www.henryherald.com/shared-content/art/tncms/api/ 71 KB
29 KB 44ms
41ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e33faa-11c3d"
age: 285
accept-ranges: bytes
content-length: 29787
date: Wed, 16 Oct 2024 18:56:26 GMT
last-modified: Thu, 12 Sep 2024 19:23:22 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
33 KB 156ms
70ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

8961f5c4bd305e75618ec23aebca6c4e4c3ad93ade20f6673a58172be4568d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 823 / 20012 / m202410100101 / config-hash: 999708810307259352
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33834
x-xss-protection: 0
server: cafe

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 533 B
501 B 91ms
83ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f221da-215"
age: 14634498
expires: Mon, 31 Mar 2025 12:08:46 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Mar 2024 21:59:54 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca62b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 355
server: cloudflare

GET
H2 200 tntslider.41319cc6b0af996b88cedfe694fc2a78.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 23 KB
7 KB 84ms
77ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.41319cc6b0af996b88cedfe694fc2a78.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3446800d89c735843e2da095bdff24d4f72821848ea065954f404df635b4b7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f4-5d5b"
age: 329683
expires: Wed, 20 Aug 2025 19:02:52 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Aug 2024 19:07:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca63b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7183
server: cloudflare

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 85ms
77ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-dbe"
age: 13879501
expires: Thu, 13 Mar 2025 15:33:59 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca65b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1322
server: cloudflare

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 88ms
82ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-1baf"
age: 14634498
expires: Thu, 13 Mar 2025 16:44:44 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca67b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2388
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 95ms
41ms Script
text/javascript 142.250.80.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f3.1e100.net

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
age: 23629
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 12:27:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 12:27:30 GMT
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3945
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
8 KB 97ms
43ms Script
text/javascript 142.250.80.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f3.1e100.net

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
age: 568510
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 05:06:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 05:06:09 GMT
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8653
x-xss-protection: 0
server: sffe

GET
H2 200 messaging662.js Show response
www.henryherald.com/shared-content/art/tncms/api/ 2 KB
1 KB 119ms
36ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/api/messaging662.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6707d795-9ce"
age: 265
accept-ranges: bytes
content-length: 891
date: Wed, 16 Oct 2024 18:56:54 GMT
last-modified: Thu, 10 Oct 2024 13:33:09 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
328 B 7243ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6564a923-cf"
age: 19953073
expires: Thu, 28 Nov 2024 10:33:12 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Mon, 27 Nov 2023 14:35:15 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfcd991b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
www.henryherald.com/shared-content/art/tncms/ 3 KB
1 KB 44ms
42ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6707d795-a3a"
age: 85
accept-ranges: bytes
content-length: 1157
date: Wed, 16 Oct 2024 18:59:46 GMT
last-modified: Thu, 10 Oct 2024 13:33:09 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 81ms
77ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
age: 2502939
expires: Wed, 17 Sep 2025 19:01:32 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca69b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 173ms
77ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

25d8156ac83ab2c9d4dc8c43c296272815f1e3a1defcabc8392c8f44246418a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 15848836156065187609
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52528
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK jquery.smartbanner.css
s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/ 4 KB
4 KB 184ms
60ms Stylesheet
text/css 52.216.145.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/jquery.smartbanner.css
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.145.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73fedefec9a793510e7041b5e6275ba26c135ef44682c504bd2a0b940fbed0ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

ETag: "347384d39f5b6dbcedaf5d3711f27d6d"
x-amz-request-id: ZA1SK4H8DRGAW8T4
Accept-Ranges: bytes
Content-Length: 4105
Date: Wed, 16 Oct 2024 19:01:13 GMT
Last-Modified: Tue, 17 Sep 2019 15:35:22 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-id-2: lyuSPre89zizi+Q51/mIojGI6nhZaPsfC3dQOexcHoneYXZDAUJCO1oSSFVWWB3HsIZH0EEgOdk=

GET 8a9003e0-58e0-4430-ad2d-f4cfb40e4f89.js
d3uvwl4wtkgzo1.cloudfront.net/ 0
0

GET
H2 200 tracker.js Show response
www.henryherald.com/shared-content/art/stats/common/ 9 KB
3 KB 44ms
42ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66f6f794-2200"
age: 143
accept-ranges: bytes
content-length: 3224
date: Wed, 16 Oct 2024 18:58:48 GMT
last-modified: Fri, 27 Sep 2024 18:21:08 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 acea4f66-00ae-11ee-bb03-07ff5a614590.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 6 KB
7 KB 50ms
44ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/acea4f66-00ae-11ee-bb03-07ff5a614590.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fa2158df0d62fb6cd500195fc63b30e2ade951a0eb047571b516f6baf4a8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6478eaf8-2d9d"
age: 13406877
cf-cache-status: HIT
expires: Thu, 13 Mar 2025 15:33:59 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=11677
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="acea4f66-00ae-11ee-bb03-07ff5a614590.webp"
vary: Accept
last-modified: Thu, 01 Jun 2023 19:01:12 GMT
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd19deb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6478
server: cloudflare

GET
H2 200 6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
33 KB 51ms
46ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6362dddd-15427"
age: 804231
cf-cache-status: HIT
expires: Tue, 30 Sep 2025 16:11:03 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=87079
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="6e60e716-5af3-11ed-9011-df0559fb2f5d.webp"
vary: Accept
last-modified: Wed, 02 Nov 2022 21:15:09 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd19dfb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33456
server: cloudflare

GET
H2 200 76145f42-5af3-11ed-a02e-c7e09e864ee7.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
33 KB 48ms
47ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/76145f42-5af3-11ed-a02e-c7e09e864ee7.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6362ddea-15427"
age: 804231
cf-cache-status: HIT
expires: Sat, 20 Sep 2025 13:03:28 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=87079
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="76145f42-5af3-11ed-a02e-c7e09e864ee7.webp"
vary: Accept
last-modified: Wed, 02 Nov 2022 21:15:22 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd7a28b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33456
server: cloudflare

GET
H2 200 a39f2464-3dfb-11ef-9c68-cb931be8da62.png
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 16 KB
17 KB 50ms
49ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/a39f2464-3dfb-11ef-9c68-cb931be8da62.png

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48d35e8f6e4acdc47ecbc0561060dbd83f34c7c268ed49dad0a57ec5337fa587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "668d428e-5586"
age: 53403
cf-cache-status: HIT
expires: Wed, 09 Jul 2025 14:01:32 GMT
cf-polished: origFmt=png, origSize=21894
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="a39f2464-3dfb-11ef-9c68-cb931be8da62.webp"
vary: Accept
last-modified: Tue, 09 Jul 2024 14:00:46 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd7a2bb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16834
server: cloudflare

GET
H/1.1 200
OK type:300x250 Show response
gajobsource.com/places/widget/js:1/ 249 B
676 B 7786ms
65ms Script
text/javascript 50.21.179.247
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gajobsource.com/places/widget/js:1/type:300x250
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.21.179.247 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv95.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 68e8f43c950afadfbb7ed37ddf551f2467c1513959cbdcbd918a9ff55fb5aa65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 206
Keep-Alive: timeout=15, max=500
Date: Wed, 16 Oct 2024 19:01:27 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Server: Apache
X-Powered-By: PleskLin

GET
H2 200 embedcode.php Show response
embed.sendtonews.com/player2/ 26 KB
9 KB 7826ms
169ms Script
application/javascript 108.138.106.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player2/embedcode.php?fk=NWef1XMk&cid=12404
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-56.jfk50.r.cloudfront.net
Software: nginx/1.25.5 /
Resource Hash: 47313660cd0b1b4de6e9ddbdfd085ed67664a06bdf4a368ea96e764121dfa86e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private, no-store
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: FtOmiM5-eSUHNSsLSqMeaBpmahLi_djxUZy2n6oui7J42Vv3nbnuvw==
date: Wed, 16 Oct 2024 19:01:27 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.25.5
x-amz-cf-pop: JFK50-P3
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 widgey-dug.php Show response
japfg-trending-content.appspot.com/ 10 KB
2 KB 11922ms
120ms Script
text/html 142.251.40.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widgey-dug.php?s=10238&v=1&q=3&i=1
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.148 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s80-in-f20.1e100.net
Software: nginx /
Resource Hash: ee5dfacd4dc98aa1154615d6453fe327433e0bf3e9c4b18b38e3b9894fae8756

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
date: Wed, 16 Oct 2024 19:01:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 3889ms
78ms Script
application/x-javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/0710) /
Resource Hash: 2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-md5: 8ouzdXeMpGxUBMAUF/mhkg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: "0x8DB2194D3ACD75C+gzip"
age: 89179
x-ms-version: 2014-02-14
x-ms-lease-state: available
x-cache: HIT
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/x-javascript
last-modified: Fri, 10 Mar 2023 18:25:29 GMT
vary: Accept-Encoding
x-ms-request-id: 6457507e-f01e-0041-782e-1ff159000000
access-control-allow-origin: *
content-length: 1002
x-ms-blob-type: BlockBlob
server: ECAcc (chd/0710)

GET widgetLoader.js
www.legacy.com/widgetloader/ 0
0

GET
H2 200 Member.js Show response
henrycounty.chambermaster.com/Content/Script/ 7 KB
2 KB 213ms
57ms Script
application/javascript 216.17.94.178
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://henrycounty.chambermaster.com/Content/Script/Member.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.17.94.178 , United States, ASN10242 (USINTERNET, US),

Reverse DNS

216.17.94.178.ip.usinternet.com

Software

/ ASP.NET, ARR/3.0

Resource Hash

1dd93cf8910d7c7a5815b85c0d5b3ec80f062d5802567090fd79e31a1583c51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "0d1492da58db1:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1956
date: Wed, 16 Oct 2024 19:00:44 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 01:59:06 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET, ARR/3.0

GET
H/1.1 200
OK jquery.smartbanner.js Show response
s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/ 15 KB
16 KB 157ms
65ms Script
application/javascript 52.216.145.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/jquery.smartbanner.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.145.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b53cc35f15a6e6c3e31df71e326e646d6989aec3917c656962a9736a5586297

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

ETag: "16ae42f55aca69b21a9f0aae52342967"
x-amz-request-id: MGSWSP85VV0HN173
Accept-Ranges: bytes
Content-Length: 15650
Date: Wed, 16 Oct 2024 19:01:20 GMT
Last-Modified: Tue, 17 Sep 2019 15:35:22 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-id-2: 6hRXHsBXiOdFMCLupr/ay+Z5Ea8XtN95wvRc3gPgPDWS/CKVkk+q6MBof3Vm+PzyIOR2EgNGsCc=

GET
H2 200 tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 14 KB
5 KB 92ms
83ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f221dd-3662"
age: 18229138
expires: Wed, 19 Mar 2025 19:02:00 GMT
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Mar 2024 21:59:57 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfdca5eb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5096
server: cloudflare

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 159 KB
47 KB 7747ms
81ms Script
text/javascript 13.35.93.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-31.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: public,max-age=60
content-encoding: br
etag: W/"b00e2c9578a737dff7b6f33e21f10832"
age: 44757
via: 1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z_p_rVZKdMB6ZDGz9cnei0qJrViGQcpljD7x0iqI7rZcuf0m07qj5Q==
date: Wed, 16 Oct 2024 08:34:53 GMT
content-type: text/javascript
last-modified: Fri, 13 Sep 2024 16:40:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
77 KB 1196ms
70ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7ea384b3204c81b1b6ab4bf34284717ddd10d0577ad0fd336231ab24041f39f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78219
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 167ms
45ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"907cbdd883935369790d45cc9bd9e8b7"
age: 1782
via: 1.1 e3e94284a800d30d02bd662be67e1bf2.cloudfront.net (CloudFront), 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZjllOnc3vEPhUqulfKbC6-WxgAHx51ZyzLjDCCvosktYj488yDx2Gg==
date: Wed, 16 Oct 2024 18:31:38 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 22:46:41 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
x-amz-server-side-encryption: AES256

GET
H2 200 tracker.gif
www.henryherald.com/shared-content/art/stats/common/ 0
145 B 116ms
36ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henryherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1729105279612220220160012001704529012832&tnms_dt=henryherald.com&tnms_upage=1&tnms_do=www.henryherald.com&tnms_uri=/&tnms_ref=&rt=1729105279616
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-vcache: MISS
cache-control: no-cache, no-store
etag: "48f79fed-0"
age: 0
accept-ranges: bytes
content-length: 0
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/gif
last-modified: Thu, 16 Oct 2008 20:11:25 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 88ms
39ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 44514
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 06:39:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 06:39:25 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 92ms
43ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 58827
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 02:40:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 02:40:52 GMT
last-modified: Tue, 02 May 2023 15:28:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29588
x-xss-protection: 0
server: sffe

GET
H2 200 670ffbf5608a3.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/9/2d/92d4a026-8be6-11ef-ab46-8b4b4bf0d5c1/ 9 KB
9 KB 39ms
37ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/9/2d/92d4a026-8be6-11ef-ab46-8b4b4bf0d5c1/670ffbf5608a3.image.jpg?resize=200%2C133

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e8e4844ad1bd1b013d7e4e95587851d3cb0473ccffa908bf5ed37e3c921cd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "9fd978be80db1b36a65c3b31ae56e425"
age: 751
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 17:52:22 GMT
cf-polished: degrade=85, origSize=12002, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 17:46:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe0a9cb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9000
server: cloudflare

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
0 5ms
5ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6362dddd-15427"
age: 804231
cf-cache-status: HIT
expires: Tue, 30 Sep 2025 16:11:03 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=87079
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="6e60e716-5af3-11ed-9011-df0559fb2f5d.webp"
vary: Accept
last-modified: Wed, 02 Nov 2022 21:15:09 GMT
x-vcache: MISS
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd19dfb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33456
server: cloudflare

GET
H2 200 670ffbf5608a3.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/9/2d/92d4a026-8be6-11ef-ab46-8b4b4bf0d5c1/ 59 KB
60 KB 62ms
53ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/9/2d/92d4a026-8be6-11ef-ab46-8b4b4bf0d5c1/670ffbf5608a3.image.jpg?resize=640%2C427

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01508050cebd845124748ef50cf6d83076278ef1bdace1fab62da9f3b9f12b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "e74da452bcb68bc2296f37c42901893d"
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 18:02:18 GMT
cf-polished: degrade=85, origSize=61392, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 17:46:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6addb408-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6707f39f2fcbe.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/6b/e6bfa966-871c-11ef-91ce-6f9a3c81c585/ 8 KB
8 KB 63ms
53ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/6b/e6bfa966-871c-11ef-91ce-6f9a3c81c585/6707f39f2fcbe.image.jpg?resize=225%2C165

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75419e603e249b257a21cf0544fcc352060a539b8141f53d9139facc034f8446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "ff503ec25387395c2f59783784e5dab0"
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 18:02:19 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=11427
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="6707f39f2fcbe.webp"
vary: Accept
last-modified: Thu, 10 Oct 2024 15:32:48 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6adeb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8442
server: cloudflare

GET
H2 200 670b1c2363c5a.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/09/d091bd1c-88fe-11ef-a532-d30ceb2bc549/ 10 KB
10 KB 64ms
54ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/09/d091bd1c-88fe-11ef-a532-d30ceb2bc549/670b1c2363c5a.image.jpg?resize=225%2C150

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab706225cbeeddc1125e9da8aa4ac1cb924fb4e44635591a451fcef25df1dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "aa20520b18f1b8b5b05a18959255f796"
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 04:44:55 GMT
cf-polished: degrade=85, origSize=12952, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Sun, 13 Oct 2024 01:02:28 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6ae0b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10013
server: cloudflare

GET
H2 200 6705c4f947fbe.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/bd/ebd1f132-85cf-11ef-b3d7-1b805c15b618/ 6 KB
6 KB 65ms
56ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/bd/ebd1f132-85cf-11ef-b3d7-1b805c15b618/6705c4f947fbe.image.jpg?resize=150%2C100

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb306b593b894cf55795f58dfc6582e18e2cec83da332a36394c5efce56d3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "7a0e99fc8ada954d149cde720fb83b3e"
cf-cache-status: HIT
expires: Mon, 13 Oct 2025 01:00:16 GMT
cf-polished: degrade=85, origSize=8847, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Tue, 08 Oct 2024 23:49:14 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6ae1b408-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 670713402802e.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/1/a3/1a3fb7b2-8697-11ef-8a40-13695781c045/ 3 KB
3 KB 69ms
60ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/1/a3/1a3fb7b2-8697-11ef-8a40-13695781c045/670713402802e.image.jpg?resize=150%2C118

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b458d178d59aaf310eae0f2f5193a333ae9594a3339ca656e61f21b9493a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "50bf2480576739b198cee00900d4eda1"
cf-cache-status: HIT
expires: Mon, 13 Oct 2025 07:32:12 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=6737
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="670713402802e.webp"
vary: Accept
last-modified: Wed, 09 Oct 2024 23:35:28 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6ae2b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2722
server: cloudflare

GET
H2 200 670717e5610ee.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/63/e6352a8a-8699-11ef-a31a-1b715865b0c2/ 8 KB
8 KB 62ms
54ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/63/e6352a8a-8699-11ef-a31a-1b715865b0c2/670717e5610ee.image.jpg?resize=150%2C150

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

376fae77a966c94c71a1b6766b901bc2728156af98bc9884594407fedda0b9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "dce61d96396909d9ec609e42b221f72c"
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 06:01:26 GMT
cf-polished: degrade=85, origSize=9436, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 23:55:17 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe6ae5b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8399
server: cloudflare

GET
H2 200 6707f39f2fcbe.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/6b/e6bfa966-871c-11ef-91ce-6f9a3c81c585/ 7 KB
7 KB 41ms
30ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/6b/e6bfa966-871c-11ef-91ce-6f9a3c81c585/6707f39f2fcbe.image.jpg?resize=200%2C146

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37e6cc263346b4e690fae589c112933ce06b190c953dede3bdca4f6f0c2d9f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "778c5436b7f3d04980bd6c1f097b05f1"
age: 53917
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 04:00:12 GMT
cf-polished: degrade=85, origSize=10063, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Thu, 10 Oct 2024 15:32:48 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7aebb408-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 670b1c2363c5a.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/09/d091bd1c-88fe-11ef-a532-d30ceb2bc549/ 8 KB
8 KB 41ms
31ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/09/d091bd1c-88fe-11ef-a532-d30ceb2bc549/670b1c2363c5a.image.jpg?resize=200%2C133

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8039c88a4450c752cbe93c9917893aba2b4fa991fa092184ff6347eb7828fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "77760e2375b8d35de36fdc4fd35d594e"
age: 79648
cf-cache-status: HIT
expires: Mon, 13 Oct 2025 01:17:14 GMT
cf-polished: degrade=85, origSize=11213, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Sun, 13 Oct 2024 01:02:28 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7aecb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8188
server: cloudflare

GET
H2 200 6705c4f947fbe.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/bd/ebd1f132-85cf-11ef-b3d7-1b805c15b618/ 9 KB
9 KB 48ms
38ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/bd/ebd1f132-85cf-11ef-b3d7-1b805c15b618/6705c4f947fbe.image.jpg?resize=200%2C133

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017dd0aa14a990abfa92d4aee07a2b0f478c589e43dbd21ee7cf25d41fecf072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "73a565f31f24ada7833ae3073b898f35"
age: 53404
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 23:46:32 GMT
cf-polished: degrade=85, origSize=11917, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Tue, 08 Oct 2024 23:49:14 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7aedb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8948
server: cloudflare

GET
H2 200 670713402802e.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/1/a3/1a3fb7b2-8697-11ef-8a40-13695781c045/ 3 KB
4 KB 42ms
33ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/1/a3/1a3fb7b2-8697-11ef-8a40-13695781c045/670713402802e.image.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5617805285f642b4986623c1706002e470ab76e767d3e0d1bf9a5a3a904a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "67071340-21f7"
age: 53404
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 04:02:09 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=8695
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="670713402802e.webp"
vary: Accept
last-modified: Wed, 09 Oct 2024 23:35:28 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7aeeb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3524
server: cloudflare

GET
H2 200 670596cb3807f.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/5/bf/5bfb9024-85b4-11ef-8be2-93f8e70d0d42/ 4 KB
5 KB 42ms
33ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/5/bf/5bfb9024-85b4-11ef-8be2-93f8e70d0d42/670596cb3807f.image.jpg?crop=287%2C443%2C104%2C41&resize=130%2C200&order=crop%2Cresize

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24ed8b1a61c8b66adb57fcbc6be9463cc6e7b690940185afd42ef3b5067e46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "85502ab347c54cbc5f50b624d0bb5ed4"
age: 53404
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 04:02:09 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=8030
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="670596cb3807f.webp"
vary: Accept
last-modified: Tue, 08 Oct 2024 20:32:11 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7aefb408-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 670596cb3807f.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/5/bf/5bfb9024-85b4-11ef-8be2-93f8e70d0d42/ 8 KB
8 KB 46ms
38ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd10a172a92c6a0bc4bfd33f8b079b995d18ae5435a146d6a348180d5b7caa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "70e1c0a78954aed838484fcd2f4102be"
age: 53404
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 04:00:49 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=12361
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="670596cb3807f.webp"
vary: Accept
last-modified: Tue, 08 Oct 2024 20:32:11 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7af0b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8514
server: cloudflare

GET
H2 200 670717e5610ee.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/63/e6352a8a-8699-11ef-a31a-1b715865b0c2/ 13 KB
14 KB 43ms
36ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/e/63/e6352a8a-8699-11ef-a31a-1b715865b0c2/670717e5610ee.image.jpg?resize=200%2C200

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

802d116e3f80c856dfef325dc70c70afcf573bbd807378c3dd74493c61aff5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "b16e1efbfeab4555f6c3540a20bbf5e8"
age: 53404
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 04:00:14 GMT
cf-polished: degrade=85, origSize=14884, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 23:55:17 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe7af2b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13677
server: cloudflare

GET
H2 200 670fe2d4d8c45.preview.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/b0/ab019580-c870-5ced-8b41-589dac7a5b77/ 5 KB
5 KB 75ms
68ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/b0/ab019580-c870-5ced-8b41-589dac7a5b77/670fe2d4d8c45.preview.jpg?resize=200%2C88

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a6a1251605dd76925b15e3581c1f1477e3d69d142ba4a98932c2732a210c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "4bbe04cd73a795c9062690dd796e9ac0"
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 16:06:41 GMT
cf-polished: degrade=85, origSize=5513, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 15:59:17 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfe9b02b408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5075
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/ 481 KB
149 KB 63ms
63ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 3420270987438694644
age: 590
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:51:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 18:51:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152663
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/ 421 KB
140 KB 81ms
79ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

b93b4001b605115857887db3ff32d98e81c11a70d6528512e19cd3685297d781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 1984914530360987992
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 143785
x-xss-protection: 0
server: cafe

GET
H2 200 a39f2464-3dfb-11ef-9c68-cb931be8da62.png
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 16 KB
0 2ms
1ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/a39f2464-3dfb-11ef-9c68-cb931be8da62.png
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d35e8f6e4acdc47ecbc0561060dbd83f34c7c268ed49dad0a57ec5337fa587

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "668d428e-5586"
age: 53403
cf-cache-status: HIT
expires: Wed, 09 Jul 2025 14:01:32 GMT
cf-polished: origFmt=png, origSize=21894
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: image/webp
content-disposition: inline; filename="a39f2464-3dfb-11ef-9c68-cb931be8da62.webp"
vary: Accept
last-modified: Tue, 09 Jul 2024 14:00:46 GMT
x-vcache: MISS
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4bfd7a2bb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16834
server: cloudflare

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
26 KB 43ms
42ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

c925dcece063e452d7e8788f413dffe90f60e5a66b9e0ada72e03a801934d7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 9678319810274944302
age: 2894
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:13:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 18:13:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26657
x-xss-protection: 0
server: cafe

GET
H2 200 132916964 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 204ms
109ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/132916964?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

47301f282e8305d2fad65561ab614d591b38f523a688c4dd4e6db97b62a6148d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v9Svu3DGhTccE29PXs41yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNCQYjh56zbTRSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1hYgvt10hfUxEAtxczTMPrCDTeBFy9VEJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA0NTPQPT-AIDAG-qTyU"
content-security-policy: script-src 'report-sample' 'nonce-v9Svu3DGhTccE29PXs41yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 e42ec5cd-11f7-4d8a-a91c-74054da9c4cb Show response
config.aps.amazon-adsystem.com/configs/ 563 B
838 B 3605ms
77ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 778ddd4dd74db059c0b76267e415e95fca61d5396f6d485e3d7a75028f371fbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=3600
age: 955
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: Wfo01hCTgmjy5GIIY5eHDwSHCWluNB_1sRHev3tIsGacADyfus_Mtg==
date: Wed, 16 Oct 2024 18:45:28 GMT
content-type: application/javascript
x-amz-cf-pop: JFK50-P3
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 50ms
49ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.henryherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: 2a6189f8ee4035f048eaedb4744ef6300f362a90a1f7aa6906edeac2e8e49eb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 6565
access-control-allow-credentials: true
via: 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Hit from cloudfront
content-length: 3066
x-amz-cf-id: cKOosLVrH9vTWYbyIfFvqrIQxBYNMHSOEsA0lFqHWbRymboKENDhlw==
date: Wed, 16 Oct 2024 17:11:54 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: JFK52-P4
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 1154ms
44ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age: 86010
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: BJ1_i_g-FtKwnYPVOdCx3DUSWr6GoYkWwH3CL1EUwtoIRDp79AW9Jg==
date: Tue, 15 Oct 2024 19:07:52 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241014/r20190131/ 57 KB
22 KB 43ms
43ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241014/r20190131/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

fd209725d48d96bfbd362312870bc81e38928bdde4ac3d25871b68a9e9b15d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 5874475383760180944
age: 18952
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 13:45:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 13:45:28 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22504
x-xss-protection: 0
server: cafe

GET
H2 200 670fe2d4d8c45.preview.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/b0/ab019580-c870-5ced-8b41-589dac7a5b77/ 27 KB
27 KB 59ms
58ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/b0/ab019580-c870-5ced-8b41-589dac7a5b77/670fe2d4d8c45.preview.jpg?crop=659%2C659%2C420%2C0&resize=400%2C400&order=crop%2Cresize

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ee6ab909674f99c6f3a489925bc056ae7f387da0c67b639975ae33807a6828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "40790119b3cee2a985a183559e597025"
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 16:07:17 GMT
cf-polished: origSize=28732, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 15:59:17 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c010d0bb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27842
server: cloudflare

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 7546ms
101ms Script
application/javascript 23.203.179.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-179-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Wed, 16 Oct 2024 19:16:27 GMT
accept-ranges: bytes
content-length: 17407
date: Wed, 16 Oct 2024 19:01:27 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 437ms
44ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 1874
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: KPBrqRAxeUu1fIG-R1tbNwodPKIhfPumjGJxjBDdSULkLNywz7pFnA==
date: Wed, 16 Oct 2024 18:30:07 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 185ms
38ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ce363e-403e"
age: 69107
cf-ray: 8d3a4c01fec6a1e6-YYZ
expires: Sat, 19 Oct 2024 19:01:20 GMT
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 20:25:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 1461ms
36ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.henryherald.com%2F&ref=&_it=amazon&partner_id=664
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-bgj: minify
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 1753
cf-cache-status: HIT
x-amz-request-id: 4GNTEWM5RE8S976C
cf-ray: 8d3a4c0aec28ac58-YYZ
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 98 KB
28 KB 681ms
40ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-amz-id-2: izcqFHTtFVTZtyU228Tts5nRS63qrTKcMYoHsM6W42EMs8ro0jf12aZJsYnbh6+XqHryNqaj8RytSnDN81CH7MWQs/w2IVpgtEEa0P9fR+U=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"f24286e1b73c01841e789906d50ce23f"
age: 2761
x-amz-request-id: ZQS24YREXSESS8H8
cf-ray: 8d3a4c064b0fabae-YYZ
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 02 Oct 2024 12:26:13 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame B7EF 0
0 147ms
40ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 18:59:53 GMT
etag: 13108003645644964576
expires: Wed, 30 Oct 2024 18:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUs_oLxyusPoCJ5ixtpNL7FdXZww-HTuZG6rT4F-AWtado9b6EUNGtiqx3BmQJke2WDS_ecvyrGCpNvVTWJxi4SXWE5NLmDhpEAuyDyJJmpU34WScv8xUave0JRmWwNCa9T7QRTng== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 112ms
110ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUs_oLxyusPoCJ5ixtpNL7FdXZww-HTuZG6rT4F-AWtado9b6EUNGtiqx3BmQJke2WDS_ecvyrGCpNvVTWJxi4SXWE5NLmDhpEAuyDyJJmpU34WScv8xUave0JRmWwNCa9T7QRTng==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTA1MjgwLDQzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tLyIsbnVsbCxbWzgsInRpZ1FnbnhuQkFJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tigQgnxnBAI.es5.O/am=DAY/d=1/rs=AJlcJMwQU0k26YJiVZG7ihW_YVMu0YEohw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

a36d75a092267e94b639bd52ac85868d9d7149b4df582fd7baa6bbcc53345ee2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OeWETRc3_eey5xk2xFLX4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XA0zD6wg03gwb693xmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DEzjCwwAUX9Kvg"
content-security-policy: script-src 'report-sample' 'nonce-OeWETRc3_eey5xk2xFLX4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0036 0
0 175ms
106ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-3129558407352269&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1729105268&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.henryherald.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729105279907&bpp=6&bdt=7710&idt=211&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5561657985040&rume=1&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087892%2C31087986%2C44795921%2C95341937%2C95344189%2C31061691%2C31061692&oid=2&pvsid=478677450668246&tmod=2000360189&uas=0&nvt=1&fsapi=1&fc=1920&brdim=220%2C220%2C220%2C220%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 2101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 19:01:20 GMT
expires: Wed, 16 Oct 2024 19:01:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3D09 0
0 147ms
39ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29415
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 18:58:55 GMT
expires: Wed, 16 Oct 2024 19:48:55 GMT
last-modified: Mon, 14 Oct 2024 19:44:52 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 324ms
46ms Script
text/javascript 18.164.111.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.111.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-111-42.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 46426
Connection: keep-alive
Via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: JDRcsaPeHet76nNpCZTQZ6mZND6L4qnsPPyXxKDR75hS_vuLQSQbSA==
Date: Wed, 16 Oct 2024 06:07:35 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 99 KB
29 KB 99ms
38ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-amz-id-2: XMmQhh76Y+FIMqzMQj/5qlEPSIRhh+Kur92l/L4ZnL17a3YT119EHhfkxBnJYFKRjiZirTIbXHkqeomhiXR6VQ==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"851c43b3dfc1b13c6814012a69b7a390"
age: 2675
x-amz-request-id: 8ZFTADYCRXGXMYEJ
cf-ray: 8d3a4c064b12abae-YYZ
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 02 Oct 2024 12:26:13 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 3414ms
105ms Script
text/javascript 74.119.117.4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"66d98e6d-a677"
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Oct 2024 19:01:24 GMT
access-control-allow-origin: *
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: text/javascript
last-modified: Thu, 05 Sep 2024 10:56:45 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 1128ms
30ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 46897
x-goog-stored-content-encoding: gzip
expires: Thu, 16 Oct 2025 05:59:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 16 Oct 2024 05:59:45 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY10EO-Niwo2VjTQkCAgSA1H_J0VY6JsTb6emB-jH2zeNDAW-L3noP0IbmcntOcrGQIGcDmPZVSs6g
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 490ms
131ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

etag: cd19e0900da0cdbc6697310fd9330fb6
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
x-cloud-trace-context: 078c54a1708a5f115910c4ff1c4d0ed1

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 43ms
42ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 1875
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GfBUFdkE0shywmiAqC3ufVNpFIKXNE0Aix7oPBnyboh7BKvPL5xAVw==
date: Wed, 16 Oct 2024 18:30:07 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 0
0

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 35ms
33ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ce3644-43df"
age: 80278
cf-ray: 8d3a4c031fbfa1e6-YYZ
expires: Sat, 19 Oct 2024 19:01:20 GMT
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 20:25:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1---
https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1---&b=1&tp=qrOUGlc7E0%2BQg4VcAgrVrAWSd6fyHvgce99ESizJP2U%3D

42 B
138 B

56ms
49ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1---&b=1&tp=qrOUGlc7E0%2BQg4VcAgrVrAWSd6fyHvgce99ESizJP2U%3D
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.henryherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/json
vary: origin

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location: https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.13.1&us_privacy=1---&b=1&tp=qrOUGlc7E0%2BQg4VcAgrVrAWSd6fyHvgce99ESizJP2U%3D
access-control-allow-credentials: true
referrer-policy: unsafe-url
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Oct 2024 19:01:23 GMT
vary: origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
537 B 3323ms
130ms XHR
application/json 3.232.0.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.0.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-0-61.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 85f533abe3b5a38641f74df6b67d9af53dd013d060ab52becd0b41dddce6c757

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.henryherald.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.61.182
server: Jetty(9.4.38.v20210224)

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 181ms
100ms Fetch
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
235 B 476ms
123ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:20 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
75 KB 58ms
56ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

137320c2305b2aca3dc620bfa157928e9010ece0056668e9a7ad5436a808b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 76901
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
84 KB 61ms
60ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

083c58ad495e46056f83cab3c7704eeb7c7f780ccdfe25522c35cadd9d401a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86143
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
537 B 2797ms
93ms XHR
application/json 3.232.0.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.0.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-0-61.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f1b272d7585f0f978a4b5331e7aeba23c529519d553bcead9bc1901896c448c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.henryherald.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.3.101
server: Jetty(9.4.38.v20210224)

GET
H3 200 putl.php Show response
fundingchoicesmessages.google.com/f/AGSKWxWlvbK9bmL30Lt6-vbN9cCz7dCAMWMpxVm1OeL8pD1iMehwHD7eYahbS3QZS8Bc4HE92YTwy1YWG8YgZVA9VGNj6DUVNriji3GkIw24-SfwJLEx2dCI_mzzBOzXm2Jrg4feQZOtYFQhbJRBmo5iLjhxLDPDG... 54 B
109 B 71ms
64ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWlvbK9bmL30Lt6-vbN9cCz7dCAMWMpxVm1OeL8pD1iMehwHD7eYahbS3QZS8Bc4HE92YTwy1YWG8YgZVA9VGNj6DUVNriji3GkIw24-SfwJLEx2dCI_mzzBOzXm2Jrg4feQZOtYFQhbJRBmo5iLjhxLDPDGhpBFBpoK3kMyxVqFxZ1Pby1GYVlz2yr/_/ad_utils./putl.php?/ad300f./120x240_/advert4.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tigQgnxnBAI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwZLgkJBbRYluKqOcFul5L53UaCsg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

6ef7af6825dab9fc17277af764c79d2910919165ec48254a03eacde1d13aa9d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4xE1RMjc-2AEGXiluUYUUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRALcXM0zj6wg01gwsq7BUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgaGpnoGpvEFBgDtl0nr"
content-security-policy: script-src 'report-sample' 'nonce-4xE1RMjc-2AEGXiluUYUUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 47ms
40ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 16970699533094014674
age: 2056
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:27:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 18:27:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15115
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxVjTTCWJZWv65cIlDi5UYNV3nUer2wY2LQdh72u-pr9O4ZbSt3RuuFewZPhQpRrRp5Q1PDJfWixEIb3Lk24MIc624jgp31WPsbgikwWI4V_4dAp3Y8lv4WFycigYhyHTCKXd6L44g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 148ms
62ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjTTCWJZWv65cIlDi5UYNV3nUer2wY2LQdh72u-pr9O4ZbSt3RuuFewZPhQpRrRp5Q1PDJfWixEIb3Lk24MIc624jgp31WPsbgikwWI4V_4dAp3Y8lv4WFycigYhyHTCKXd6L44g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FBqNxPraA_iKqEYqoAAKjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3H2gR1sAgtOX5jKqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDADHfC8q"
content-security-policy: script-src 'report-sample' 'nonce-FBqNxPraA_iKqEYqoAAKjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.henryherald.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
102 KB 73ms
72ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

52318e97b26ae1450bbc70c80465ba7152b6dfea531ac6e657f3801a885e1644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 19:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104329
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 103 KB
28 KB 174ms
42ms Script
text/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: 0zSZGXmaFl7u_EsnpPI2uvmKxv4SmEYW
etag: W/"4b35d51638965e83bf833be4d011abea"
age: 62
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: JWjKB_pp4hDspPY4VxIAc7FkK5ZRt_zyQelVBjfsuQapQoc6iX0KEA==
date: Wed, 16 Oct 2024 19:00:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 30 Jul 2024 19:42:29 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
78 KB 94ms
93ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2b706e515af46421d813f90c1e8d495811050607254bc3b032df8a1c88256b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80044
x-xss-protection: 0
server: Google Tag Manager

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjTTCWJZWv65cIlDi5UYNV3nUer2wY2LQdh72u-pr9O4ZbSt3RuuFewZPhQpRrRp5Q1PDJfWixEIb3Lk24MIc624jgp31WPsbgikwWI4V_4dAp3Y8lv4WFycigYhyHTCKXd6L44g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--YSGzcN5-r_CJUSBRe5eAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3H2gR1sAg8-Ll3GqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDADa7S9w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--YSGzcN5-r_CJUSBRe5eAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.henryherald.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjTTCWJZWv65cIlDi5UYNV3nUer2wY2LQdh72u-pr9O4ZbSt3RuuFewZPhQpRrRp5Q1PDJfWixEIb3Lk24MIc624jgp31WPsbgikwWI4V_4dAp3Y8lv4WFycigYhyHTCKXd6L44g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xf817LEPx25npwF_a8brLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3H2gR1sAgfW3ljOqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDADMuC9A"
content-security-policy: script-src 'report-sample' 'nonce-xf817LEPx25npwF_a8brLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.henryherald.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjTTCWJZWv65cIlDi5UYNV3nUer2wY2LQdh72u-pr9O4ZbSt3RuuFewZPhQpRrRp5Q1PDJfWixEIb3Lk24MIc624jgp31WPsbgikwWI4V_4dAp3Y8lv4WFycigYhyHTCKXd6L44g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QdNx1GqFaYeWZwDgJuNQJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3H2gR1sAj_-nl7KqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDADwcy-6"
content-security-policy: script-src 'report-sample' 'nonce-QdNx1GqFaYeWZwDgJuNQJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.henryherald.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVJE15j6PJtzkuU9NrgdMb0SmifMGRJwckJUKcJC0ldgnZgRs94bCW_7HdsifyZO5PLMsXo0Sc6fKHeCHMRX-fNxd7ATk-6YJ9RS40DNAOyPXzNlzpfSTjxUi0_HjBy5Cum2lzzow== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 89ms
87ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJE15j6PJtzkuU9NrgdMb0SmifMGRJwckJUKcJC0ldgnZgRs94bCW_7HdsifyZO5PLMsXo0Sc6fKHeCHMRX-fNxd7ATk-6YJ9RS40DNAOyPXzNlzpfSTjxUi0_HjBy5Cum2lzzow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTA1MjgxLDMxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmhlbnJ5aGVyYWxkLmNvbS8iLG51bGwsW1s4LCJ0aWdRZ254bkJBSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

74f839c03bf60e8fdb077ac9fd821352ef2c5990fdc8587e77ca27093f2831bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AWrjLIBzXn9CD7sGKVBbpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNSQYjh56zbTRSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1hYgvt10hfUxEAvxcDTOPrCDTeDGlDnrGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMTOMLDAC1HE8-"
content-security-policy: script-src 'report-sample' 'nonce-AWrjLIBzXn9CD7sGKVBbpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWDWrTP2sJfcdPxPoWlHkqb52TiJWkrgIDwcvdZT8X7rDc-CB5B9WtX39lxnMHbD1HwaZw_TUFrG4qlZLhv7p6TBMmSvhy5gQiQKhzI2WJ2uT7ycSh24BL7QHCKiK-wuqM8bRzGgg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 109ms
106ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWDWrTP2sJfcdPxPoWlHkqb52TiJWkrgIDwcvdZT8X7rDc-CB5B9WtX39lxnMHbD1HwaZw_TUFrG4qlZLhv7p6TBMmSvhy5gQiQKhzI2WJ2uT7ycSh24BL7QHCKiK-wuqM8bRzGgg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTA1MjgxLDQwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmhlbnJ5aGVyYWxkLmNvbS8iLG51bGwsW1s4LCJ0aWdRZ254bkJBSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

c3156c72751bbc6fdb263e79e4b1ab637da0c099441565aeb7f3ed24f08481b3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pFlvi884Ni7pZUuJFuteKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XA0zj6wg01gxeQvNxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DEzjCwwAROFKdg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pFlvi884Ni7pZUuJFuteKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
analytics.google.com/g/ 0
0 15459ms
84ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4ae0v887101457z8861227858za200zb861227858&_p=1729105279580&_gaz=1&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=1023424955.1729105281&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=henryherald.com&dl=https%3A%2F%2Fwww.henryherald.com%2F&sid=1729105281&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.henryherald.com%2F&epn.townnews_crm_group_id=295&ep.generator=BLOX&ep.generator_version=1.82.0&tfd=12750
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:36 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 573ms
51ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1023424955.1729105281&gtm=45je4ae0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:22 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7C79 0
0 3419ms
108ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1023424955.1729105281&gtm=45je4ae0v887101457z8861227858za200zb861227858&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1197646105

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 19:01:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 181ms
116ms Image
image/gif 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1023424955.1729105281&gtm=45je4ae0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101686685&tag_exp=101686685&z=1993727326

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 19:01:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
105 KB 72ms
72ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV9PEL9JN5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6552854c2a01e5f87acad2eb623a57a04889c39f16093ab44476da562bb8710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 19:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107205
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 AGSKWxW9PpsMRxqdtzW5rRDsmugcezV_3M5v0WbMV-h_sxdRNlHyrd4TKnKmVM0d5orYnaeM0EF1suAzM4QCjxTSEbSecxXW4vhc4hO5TlWyhd9_5-41IBoSRhmPYskQVPlm3ktiQzozhQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
77ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9PpsMRxqdtzW5rRDsmugcezV_3M5v0WbMV-h_sxdRNlHyrd4TKnKmVM0d5orYnaeM0EF1suAzM4QCjxTSEbSecxXW4vhc4hO5TlWyhd9_5-41IBoSRhmPYskQVPlm3ktiQzozhQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTA1MjgxLDU4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tLyIsbnVsbCxbWzgsInRpZ1FnbnhuQkFJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

225bae0e307129c867c2d2fc3a9826581d797b1e7abd35a202cf47e0983991b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FJi7-1YY3MRN53akVK1a5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XA0zj6wg01gx6KutUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BqbxBQYAKxxJ-A"
content-security-policy: script-src 'report-sample' 'nonce-FJi7-1YY3MRN53akVK1a5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
457 B 1643ms
808ms Fetch
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
291 B 1442ms
126ms Fetch
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

d8816ae743135a5a65b7bf136e9baff4dcacf733c93d147b363a9a6ad26e17e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:22 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 204 AGSKWxUi8kdVh4sBTVr7Mz9SkT8GcyQHRNrk_ciY_nKB67yofeO6zkjq_210QJSjRUM5wTei7V5uyFPT6hZh-lw6-7snzLtOF9P5Jyf8aAqrq3FgP3ff8acPug2d81ksoa5Um2tO3eDWRw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 77ms
67ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUi8kdVh4sBTVr7Mz9SkT8GcyQHRNrk_ciY_nKB67yofeO6zkjq_210QJSjRUM5wTei7V5uyFPT6hZh-lw6-7snzLtOF9P5Jyf8aAqrq3FgP3ff8acPug2d81ksoa5Um2tO3eDWRw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4_Jul5mhl_LXukSLc4NNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:21 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3H2gR1sAgv6ZvUwK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwNDUz0D8_gCAwCkei6w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4_Jul5mhl_LXukSLc4NNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.henryherald.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 428ms
63ms Fetch
text/plain 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YV9PEL9JN5&gtm=45je4ae0v880052357z8867863675za200zb867863675&_p=1729105279580&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101529666~101533422~101686685&cid=1023424955.1729105281&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=henryherald.com&dl=https%3A%2F%2Fwww.henryherald.com%2F&sid=1729105281&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.generator=BLOX&ep.generator_version=1.82.0&ep.cms_product=BLOX&ep.cms_version=1.82.0&tfd=13108
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YV9PEL9JN5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:22 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 133 B
287 B 50ms
49ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=664&sync=0&domain=www.henryherald.com&url=https://www.henryherald.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.henryherald.com%2F&ref=&_it=amazon&partner_id=664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20655dabdcba99b9944db241c23280db3e0a7fe0045648e9f079dc227e56e29f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8d3a4c16ce2b39d2-YYZ
access-control-allow-origin: *
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 1751ms
50ms Preflight
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=664&sync=0&domain=www.henryherald.com&url=https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c167dda39d2-YYZ
content-length: 0
content-type: application/json
date: Wed, 16 Oct 2024 19:01:23 GMT
debug: OPTIONS block
expires: Thu, 16 Oct 2025 19:01:23 GMT
server: cloudflare

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 10 KB
2 KB 1138ms
38ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: Ywu_LJJbtO2GMm2l0tbgOcwiBaPgllWG
etag: W/"9d9b54da8961b1f0e311daa4c7c6289c"
age: 3320
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: G1IwLa6uMJC_fDU_J3dgiYPyQXQbz4kzwXDDh5D57O4rO-LF1mEDGQ==
date: Wed, 16 Oct 2024 18:06:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 16:07:23 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 a5bdbdd1958d4d023b03427095a0a97a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 tsub-middleware.bundle.c0f5511a001f780f591f.js Show response
cdn.segment.com/analytics-next/bundles/ 18 KB
6 KB 41ms
41ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id: EQDrSFOFyelI4PsWTOH4DKByMTXk3P9P
age: 7025933
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: dUI1ybWt4HMDNNslo0r6WBTKB2SDLq6lGVKgOm39tFTRxbhEBb5GkA==
date: Sat, 27 Jul 2024 11:22:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 26 Jul 2024 21:05:36 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 140ms
139ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

9fd8ca0893346d09e7a7e4dacc00cffb9dc211698c5284affdd7534f667da7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/json
vary: Origin

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 40ms
39ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age: 2441112
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Tks6zlHyH3_on-BNiGNItxzOXbpgP3jIDLDfSS43660iu9BbQEGmkw==
date: Wed, 18 Sep 2024 12:56:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 42ms
42ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age: 7882566
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: hZ60LJs-dFvNOSWOBJZFU7HPtMw03hvbCsYOQsCqX4cIyMpgf0UBog==
date: Wed, 17 Jul 2024 13:25:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 664 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 116ms
43ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/664?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.henryherald.com%2F&ref=&_it=amazon&partner_id=664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 979069acd9d6c281cbdc617e4db3e9757d2e964416d8da8b3b1d9f75a2685615

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 18
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c17dbba3a0b-YYZ
date: Wed, 16 Oct 2024 19:01:23 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 18:58:47 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 1577ms
99ms Fetch
application/json 35.81.90.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-90-104.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.henryherald.com
content-length: 21
date: Wed, 16 Oct 2024 19:01:25 GMT
content-type: application/json
vary: Origin

GET
H2 200 664 Show response
p.ad.gt/api/v1/p/ 40 KB
14 KB 536ms
42ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/664
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/664?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c926316fe4547c8f4bf9afedc765b67293808aef2437e9c2fecb100b0cb5d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 187
cf-ray: 8d3a4c1b4d54aa9e-YYZ
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 18:55:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 1188ms
99ms Image
image/gif 52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&halo_id=060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
192 B 1188ms
99ms Image
text/html 52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-length: 0
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=8539633969967250559&gdpr=0

43 B
143 B

99ms
99ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=8539633969967250559&gdpr=0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:27 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&adnxs_id=8539633969967250559&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 154.47.17.41; 154.47.17.41; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 9f55c947-15dc-4249-abbb-5de43bd7ccb6
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 19:01:27 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=2d3729d5-b806-4067-822d-2decd7d2b6d0&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

43 B
144 B

312ms
98ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=2d3729d5-b806-4067-822d-2decd7d2b6d0&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=2d3729d5-b806-4067-822d-2decd7d2b6d0&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
content-length: 259
date: Wed, 16 Oct 2024 19:01:24 GMT
server: Kestrel

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP
https://ids.ad.gt/api/v1/pbm_match?pbm=FB66445C-C3F3-44ED-8C0A-4EBDD069BC32&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

43 B
143 B

106ms
106ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=FB66445C-C3F3-44ED-8C0A-4EBDD069BC32&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:25 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/pbm_match?pbm=FB66445C-C3F3-44ED-8C0A-4EBDD069BC32&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 16 Oct 2024 19:01:24 GMT
server: nginx

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 466ms
49ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 44e748b6247b033344ab4f6b8c0f8cbb
Pragma: no-cache

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729105284...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d3729d5-b806-4067-822d-2decd7d2b6d0&ttd_puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&tapad_id=9f4b967b-9b8a-4009-b171-1f34dcaedc2e

43 B
143 B

101ms
100ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&tapad_id=9f4b967b-9b8a-4009-b171-1f34dcaedc2e
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:25 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&tapad_id=9f4b967b-9b8a-4009-b171-1f34dcaedc2e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 16 Oct 2024 19:01:25 GMT
server: Jetty(11.0.13)

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&google_gid=CAESEBnfPwinZWwCWGcUB9z9K_0&google_cver=1&google_ula=450542624,0

43 B
143 B

99ms
98ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&google_gid=CAESEBnfPwinZWwCWGcUB9z9K_0&google_cver=1&google_ula=450542624,0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:26 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&google_gid=CAESEBnfPwinZWwCWGcUB9z9K_0&google_cver=1&google_ula=450542624,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 357
date: Wed, 16 Oct 2024 19:01:26 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTEwNTI4NC1aTzhMWFhZTS02UFdQ

170 B
409 B

1177ms
64ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTEwNTI4NC1aTzhMWFhZTS02UFdQ

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 16 Oct 2024 19:01:26 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTEwNTI4NC1aTzhMWFhZTS02UFdQ
content-length: 453
date: Wed, 16 Oct 2024 19:01:25 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2 400 ium
ssum-sec.casalemedia.com/ 0
481 B 1168ms
60ms Image
text/plain 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2&gdpr=0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4UsDX0mAAj2zwO6LItYOBZ9ywsJzLIdHojYzaqkbLOzwtz94ht%2BzC7f%2FBHvi9CGE%2F%2FCo8jbCIlgY5afxaOXrX%2FkPXLeGjmiyulG8%2Ba7ssIEpSZwEYFVAvMqspgaKOQbhCKWC4LBmi3QyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d3a4c26a894aaa2-YYZ
expires: Wed, 16 Oct 2024 19:01:26 GMT
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 16 Oct 2024 19:01:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 204 0
sync.1rx.io/usersync/audigent/ 0
99 B 398ms
44ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26unruly_id%3D%5BRX_UUID%5D
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
date: Wed, 16 Oct 2024 19:01:29 GMT
pragma: no-cache

GET getuid
sync.smartadserver.com/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 49ms
40ms Script
text/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
age: 3320
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 20:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 71ms
70ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4400dcabcd7df6c3c68207d7ab6451ad5c8e6d378b53d8318cdb5f40d65e1bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 19:01:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95025
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
928 B 39ms
38ms Script
text/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
age: 2361
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:22:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:22:03 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 630
x-xss-protection: 0
server: sffe

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 41ms
40ms Script
text/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
age: 2361
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:22:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:22:03 GMT
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1129
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 144ms
58ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m2c8n0wa&c=478677450668246&e=31088082%2C31088085%2C31087831%2C31061691%2C31061692&ctx=1&met.9=1.8jx~2.8nu&met.3=1001.8lq_2__1~164.8lv_1~165.8lo_7~166.8l1_u~112.8qc_2~1032.8rk~326.8rm_4~832.8rs~868.8rr~216.8rj_a~215.8rj_a~843.8rh_c&met.10=1_1.CMAMEMAMGICYdSCfWCgB
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 csi
csi.gstatic.com/ 0
57 B 60ms
59ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m2c8n0z4&c=478677450668246&e=31087892%2C31087986%2C44795921%2C95341937%2C95344189%2C31061691%2C31061692&ctx=1&met.3=112.8t6_3~889.90u_1~639.91e~993.9d0_9__2~992.9db__2~994.9db__2~991.9cz_d__2~990.9cy_d__2~353.9cq_l~453.9dc_2~453.9de_1~453.9df_1~454.9dh_1~454.9di_1~454.9di_1~453.9dj_1~753.9dn~1244.9vd
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241014/r20190131/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 syncframe
gum.criteo.com/ Frame 8A27 0
0 140ms
48ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.henryherald.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 19:01:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 428797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK type:300x250
gajobsource.com/places/widget/widget:1/ Frame 3253 0
0 206ms
66ms Document
text/html 50.21.179.247
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gajobsource.com/places/widget/widget:1/type:300x250
Requested by: Host: gajobsource.com
URL: https://gajobsource.com/places/widget/js:1/type:300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.21.179.247 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv95.wehaaserver.com
Software: Apache / PleskLin
Resource Hash

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3580
Content-Type: text/html
Date: Wed, 16 Oct 2024 19:01:27 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=500
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PleskLin

GET
H2 200 /
www.mdjonline.com/tncms/block/1649425/ Frame CDD7 0
0 222ms
41ms Document
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdjonline.com/tncms/block/1649425/

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 543
cache-control: public, max-age=600
content-encoding: gzip
content-length: 10011
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 18:52:24 GMT
etag: W/935d8e94021969c32e192a6239d7638d
last-modified: Wed, 16 Oct 2024 18:52:24 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/mdjonline.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/mdjonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/mdjonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/mdjonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/mdjonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-disable-stats-tracker: 1
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.82.0; app11; 0.16s; 2M
x-vcache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 embed.html
e.issuu.com/ Frame 1C10 0
0 481ms
106ms Document
text/html 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://e.issuu.com/embed.html?d=comlv_&u=cobblifemagazine

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=300
content-length: 2208
content-type: text/html
date: Wed, 16 Oct 2024 19:01:27 GMT
etag: "843ff8727289d566c587f1bf91cbd105"
last-modified: Mon, 14 Oct 2024 14:37:48 GMT
server: AmazonS3
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: sKiHjPYYdcyfJ1mBb1/2yUkNOCpVK/JIwp8tcDR0lIH2Za3aEHubnf20KIkmkZKmrtH4Dqzhs3w=
x-amz-request-id: S3Z05V0JGGX14NH1
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-yyz4552-YYZ, cache-yyz4580-YYZ
x-timer: S1729105288.859609,VS0,VE80

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 voltax_mp.js Show response
mp.mmvideocdn.com/mini-player/prod/ 2 MB
686 KB 239ms
52ms Script
application/x-javascript 18.238.80.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=NWef1XMk&cid=12404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-124.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
x-amz-version-id: LFl5FCQaDrF81wZ28Lu35XXKqJhPaeZ3
etag: W/"fcf8ccc7c24f0a9d9d105b38e4fbffd4"
age: 109848
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _ll-lx4u5hH32BO6QUfxiFxT_UO6y-tlESZqF0dR6xjqxb24CQnKRg==
date: Tue, 15 Oct 2024 12:30:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 15 Oct 2024 12:30:37 GMT
cache-control: private, no-store
via: 1.1 b4aed0fc17149bbf4e91539a66d546a0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
server: CloudFront
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
78 KB 82ms
82ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RCBKLD

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c4ccc7f8fe658d39e946f8f96e0868113534d6a1d561ef2016dd6ae6cb4df4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80065
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 670e11e03a90e.preview-300.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/eedition/b/b9/bb9188c9-7935-5c99-828f-e10d7f8c327d/ 47 KB
47 KB 38ms
37ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/eedition/b/b9/bb9188c9-7935-5c99-828f-e10d7f8c327d/670e11e03a90e.preview-300.jpg?resize=300%2C600

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d956c6da2ca7e08b3509659c363fdeb4203cb04f45ab5029b2648e79a8a83e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6b69a25236010b0833df8e5ca40d9390"
age: 53411
cf-cache-status: HIT
expires: Thu, 16 Oct 2025 04:11:16 GMT
cf-polished: origSize=50840, status=webp_bigger
date: Wed, 16 Oct 2024 19:01:27 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2024 06:55:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c2efc3ab408-YYZ
access-control-allow-origin: *
server: cloudflare

POST
H2 204 /
events3.bqstreamer.com/ 0
376 B 1173ms
67ms Ping
text/plain 104.26.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events3.bqstreamer.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMIdCXkfx9PZzgnzWL8l%2FvYQZ9c7kzKunZ33m24lwyyyFVjvctSJoNtZGDaUiCw33%2FgKM5brcEI6VGg47d5wB1i7mXnJCaahtAI0Xus5NX%2FBy66xq9wTCSmiW9uZVzK%2F09o4w708yX8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d3a4c39fb1236fb-YYZ
access-control-allow-origin: *
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: text/plain
vary: Accept-Encoding
server: cloudflare

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 1178ms
43ms Ping
image/gif 18.233.80.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=k278NSMrKiRYkvsZ&instance=020149&version=production-5.0.166&age=241016&key=NWef1XMk&seq=1&order=1&vIndex=0&absoluteTime=19398.9&relativeTime=146.9&cmd=PRE_INIT&canonical=https://www.henryherald.com/&EXTREF=https://www.henryherald.com/&REF=https://www.henryherald.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-80-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ranges: bytes
content-length: 26
date: Wed, 16 Oct 2024 19:01:29 GMT
etag: "1a-5b72883b37f80"
content-type: image/gif
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 37 KB
7 KB 122ms
69ms Fetch
text/html 108.138.106.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=k278NSMrKiRYkvsZ&instance=020149&version=STN-5.0.166&age=241016&type=FULL&EXTREF=https%3A%2F%2Fwww.henryherald.com%2F&REF=https%3A%2F%2Fwww.henryherald.com%2F&ogSet=1&ESG_key=NWef1XMk
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-56.jfk50.r.cloudfront.net
Software: Apache /
Resource Hash: 3fd4a89008db45e6eebd20ceb7169e4fe4ae10e29a0bfee5b9f73c96046dc18a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-cache: Miss from cloudfront
cache-control: max-age=1
content-encoding: gzip
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
expires: Wed, 16 Oct 2024 19:01:29 GMT
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
content-length: 6714
x-amz-cf-id: 7xxTu_lqbjSGSm9ksbM0KdKBEwB8Ld1fVoS1w_2aN7IornOzPvslGg==
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache
x-amz-cf-pop: JFK50-P3

GET
H2 200 widget-rtdx.php Show response
japfg-trending-content.appspot.com/ 5 KB
2 KB 3307ms
116ms Script
text/html 142.251.40.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widget-rtdx.php?s=10238
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.148 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s80-in-f20.1e100.net
Software: nginx /
Resource Hash: 9ff08936b71e869070240612df29c1d4e12f8ea55220ef91a163993196717b81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
date: Wed, 16 Oct 2024 19:01:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 177 KB
37 KB 78ms
41ms Script
text/javascript 104.18.43.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RCBKLD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c25747b95d5c3241aaa1fe359079ac74307a2b00ca75b621959c4f056f1291a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0e7a46fc10a35e289dde6320d2203957"
age: 39
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 17:55:41 GMT
vary: Accept-Encoding
x-amz-id-2: MSiZET8YMfg642uJtdyYtJ2juvYEbDAc0VVrUlFzs2mwy+dPsIZB4s3918VJgoS7OeUYpwWbnGpNJdYoMRl0Uw==
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: 7GQ1PWYCJGV3CRMS
cf-ray: 8d3a4c33aae3aba0-YYZ
accept-ranges: bytes
content-length: 37486
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 1039ms
46ms Ping
image/gif 18.233.80.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=k278NSMrKiRYkvsZ&instance=214020149&version=production-5.0.166&age=241016&key=NWef1XMk&c_id=11413&seq=1&order=2&vIndex=0&absoluteTime=19540.5&relativeTime=288.5&cmd=GET&EXTREF=https://www.henryherald.com/&REF=https://www.henryherald.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-80-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ranges: bytes
content-length: 26
date: Wed, 16 Oct 2024 19:01:29 GMT
etag: "1a-5b72883b37f80"
content-type: image/gif
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202410080955/ 301 KB
107 KB 34ms
34ms Script
application/javascript 104.18.43.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202410080955/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b031c3238b017ab0fd84b1d17c33de4892a4deaa5e6002a071feebdf98719c60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "60462d29cf50606cdda8d5057fd4de28"
age: 697070
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Oct 2024 14:01:56 GMT
vary: Accept-Encoding
x-amz-id-2: 50ub411o2fvfNn+pAboL9Nq/B953EhJMwuR70BtKWAoxfqtRA3mzKlAjV9husakgMZ5QQwos3mx5BVDZC09OeS1+qG57UeIx
cache-control: public, max-age=31536000
x-amz-request-id: QAFYCE7JR568TJXK
cf-ray: 8d3a4c345b8daba0-YYZ
accept-ranges: bytes
content-length: 109298
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 62ms
60ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 17:42:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
463 B 60ms
58ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 19:01:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 strip.png Show response
mp.mmvideocdn.com/mini-player/assets/nba/ 0
612 B 87ms
39ms Fetch
image/png 18.238.80.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/assets/nba/strip.png
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-124.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

etag: "679344bacd06ae378a0dd552370a01c1"
x-amz-version-id: 2UTvG5j_65KqI.Jsk3H_OSGnQNXsUHfE
age: 709656
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: v-Jr6q3mskwWI4zv2UyUkWMkFT1qHo9Cabbdi5BmfdEaHS0pMsx_Fw==
date: Tue, 08 Oct 2024 13:53:53 GMT
content-type: image/png
last-modified: Thu, 12 Sep 2024 08:43:21 GMT
cache-control: private, no-store
via: 1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 250
x-amz-cf-pop: JFK52-P5
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 ge3rbtjp0n2wsqcawgzscywzrldj6fju.jpg
cdnmedia.sendtonews.com/videos/video_thumb/XL/ 34 KB
35 KB 3575ms
81ms Image
image/jpeg 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmedia.sendtonews.com/videos/video_thumb/XL/ge3rbtjp0n2wsqcawgzscywzrldj6fju.jpg
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 290f5ee95f8d69c6896bbc422f2aa6216a1b1d1c7c9f7cf8611b19effe3e0381

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

etag: "e78afd30db603f1d8faff86aa0c08c37"
age: 49332
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: z7z5VT2TB4q-lncMrchtXmLtknNyA6Ug6MQs3K3VoHBgref__JlUsA==
date: Wed, 16 Oct 2024 05:19:21 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 05:10:08 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 fe705b44d5a5a2d7d6e73595ceeca2e2.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 35004
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 791ms
44ms Ping
image/gif 18.233.80.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=k278NSMrKiRYkvsZ&instance=214020149&version=production-5.0.166&age=241016&key=NWef1XMk&c_id=11413&seq=1&order=3&vIndex=0&absoluteTime=19787.2&relativeTime=535.2&cmd=RTP&sC_ID=4735&sm_id=3921185&status=LVFNLNOY&ac_id=2010&EXTREF=https://www.henryherald.com/&REF=https://www.henryherald.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-80-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ranges: bytes
content-length: 26
date: Wed, 16 Oct 2024 19:01:29 GMT
etag: "1a-5b72883b37f80"
content-type: image/gif
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)

GET
H2 200 3853602785818108670f4ae787aa55.04843109playlist.m3u8 Show response
cdnmedia.sendtonews.com/videos/m3u8/ 305 B
884 B 299ms
40ms XHR
application/x-mpegurl 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/m3u8/3853602785818108670f4ae787aa55.04843109playlist.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a2f7e500cb8c9e0ebe4cd3d32a451a04d3099640a668658f7567de806d8aee5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "d3431856ee41063bf1c34e1083b30d79"
age: 4682
access-control-allow-methods: GET, HEAD, POST
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: PvJAZwMdFR9IiTI0eAPrU7EEZtjntYH6huA5MGU8wE1yvFdvJaYHwA==
date: Wed, 16 Oct 2024 17:43:27 GMT
content-type: application/x-mpegURL
vary: Origin
last-modified: Wed, 16 Oct 2024 05:11:47 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 305
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET factors
factor-service.prod.voltaxservices.io/ 0
0

GET ssps
factor-service.prod.voltaxservices.io/ 0
0

GET
H2 200 voltax_mp_bridge.html
mp.mmvideocdn.com/mini-player/scripts/ Frame 4286 0
0 1118ms
39ms Document
text/html 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 3143674
alt-svc: h3=":443"; ma=86400
cache-control: private, no-store
content-encoding: br
content-type: text/html
date: Tue, 10 Sep 2024 09:46:56 GMT
etag: W/"05385d03c1a1b13348c6ae45a38c2524"
last-modified: Thu, 05 Sep 2024 07:59:30 GMT
server: CloudFront
vary: Accept-Encoding Origin
via: 1.1 922a8d3fd8f61d324f544f33d8d3a304.cloudfront.net (CloudFront)
x-amz-cf-id: YHU8a7_VVRyEgcazImb6P3dMHdR58_CbdZ-JMl-Je042DqSJnw4XPA==
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: pROuiWvBbpXDCKItMFRf3Mlg8VpOZCtc
x-cache: Hit from cloudfront

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5EF1 324 KB
0 0ms
0ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"907cbdd883935369790d45cc9bd9e8b7"
age: 1782
via: 1.1 e3e94284a800d30d02bd662be67e1bf2.cloudfront.net (CloudFront), 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZjllOnc3vEPhUqulfKbC6-WxgAHx51ZyzLjDCCvosktYj488yDx2Gg==
date: Wed, 16 Oct 2024 18:31:38 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 22:46:41 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
x-amz-server-side-encryption: AES256

GET 2960f87904
pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/ 0
0

GET
H2 200 454 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 97ms
96ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fwww.henryherald.com%2F&ref=
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0c0c339e20a8bdf46447c07f6ce8a9a4b58ab104a4b9d17dab462acc4cbec1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c35fcc73a0b-YYZ
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 19:00:42 GMT
vary: Accept-Encoding
server: cloudflare

GET prebid
prediction.voltaxam.com/player/creatives/ 0
0

POST predict
prediction.voltaxam.com/player/ 0
0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 423 KB
145 KB 170ms
66ms Script
text/javascript 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

sffe /

Resource Hash

75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:28 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147932
date: Wed, 16 Oct 2024 19:01:28 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET dcd
factor-service.prod.voltaxservices.io/ 0
0

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ 335 KB
59 KB 53ms
50ms Script
application/javascript 108.138.106.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-56.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://www.henryherald.com/

Response headers

x-amz-cf-id: 180WnvfIWPelaNQeDwFZIsbyWqcPcaypv8hd-awByWNOMqIOgtYncg==
content-encoding: gzip
x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
age: 24215
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 12:17:54 GMT
content-type: application/javascript
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 0ms
0ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 44514
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 06:39:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 06:39:25 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
22 KB 43ms
40ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 15858
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 14:37:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 14:37:10 GMT
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22768
x-xss-protection: 0
server: sffe

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 46ms
42ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 749
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:48:59 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 54ms
51ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 95646
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 16:27:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 16:27:22 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H2 200 3853602785818108670f4ae787aa55.04843109base.en.vtt
cdnmedia.sendtonews.com/videos/cc_text/ 1 KB
2 KB 129ms
41ms TextTrack
text/vtt 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/cc_text/3853602785818108670f4ae787aa55.04843109base.en.vtt
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bbced1bb3e86cc05b4729dd4f5e8fff6289cc06882a8265a98968b625f1a267

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.henryherald.com
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "c5fa25d23320be980d08662530542e56"
age: 4681
access-control-allow-methods: GET, HEAD, POST
x-cache: Hit from cloudfront
x-amz-cf-id: SyjNVTyn-_zWmDOksL-GSWGN0IeG8RMoP-LQGA6GSjNnla3bWB4y4Q==
date: Wed, 16 Oct 2024 17:43:28 GMT
content-type: text/vtt
vary: Origin
last-modified: Wed, 16 Oct 2024 05:13:55 GMT
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1138
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 3853602785818108670f4ae787aa55.04843109.m3u8 Show response
cdnmedia.sendtonews.com/videos/m3u8/300k/ 527 B
1 KB 42ms
41ms XHR
application/x-mpegurl 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/m3u8/300k/3853602785818108670f4ae787aa55.04843109.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c82e30d71078c45820b07ad50fe40af143bb2175db9c803c8004f75135f66107

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "a2a72ebd937002cfbca371f1ebdbf95b"
age: 4682
access-control-allow-methods: GET, HEAD, POST
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: wVRQFGLsgrXqeLiksQCDsiauqvv56fCjDEgamOFwWtMN9zV07pTKog==
date: Wed, 16 Oct 2024 17:43:27 GMT
content-type: application/x-mpegURL
vary: Origin
last-modified: Wed, 16 Oct 2024 05:11:47 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 527
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 logo.png Show response
mp.mmvideocdn.com/mini-player/assets/nba/ 0
7 KB 41ms
40ms Fetch
image/png 18.238.80.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/assets/nba/logo.png
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-124.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

etag: "f90b0851c8e0f55daa23f4088226495a"
x-amz-version-id: UDp2j.6F.JcX5PjY85_EitJMh50T1BDh
age: 709656
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pTxQS4oe5WjynphYOAi4XUreGZMFbT46sLrr0aUchfZKYTkDkY5Zdg==
date: Tue, 08 Oct 2024 13:53:53 GMT
content-type: image/png
last-modified: Tue, 20 Aug 2024 09:16:02 GMT
cache-control: private, no-store
via: 1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6296
x-amz-cf-pop: JFK52-P5
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5EF1 6 KB
0 0ms
0ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age: 86010
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: BJ1_i_g-FtKwnYPVOdCx3DUSWr6GoYkWwH3CL1EUwtoIRDp79AW9Jg==
date: Tue, 15 Oct 2024 19:07:52 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame 5EF1 563 B
829 B 46ms
39ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 30b03856aa4b06101fb7e96d907728241e0b9cd698732442bf350e98a21a465e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
age: 1191
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: ouL_aqEZDuzOOCVdoGTvNGyXR4Qghu7Q5pJe2pycFD-2Brmxv9BQ7g==
date: Wed, 16 Oct 2024 18:41:37 GMT
content-type: application/javascript
x-amz-cf-pop: JFK50-P3
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5EF1 2 KB
2 KB 53ms
50ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.henryherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Miss from cloudfront
content-length: 1764
x-amz-cf-id: ePGtqvPG8_UndgxN5-X43yrSWR5HfUY3xkU_W-rEHMX5BtwbKr1a5A==
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: JFK52-P4
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 5EF1 726 B
829 B 252ms
151ms XHR
text/javascript 108.139.48.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.henryherald.com%2F&pid=SVnXTGEfHSypq&cb=0&ws=1600x1200&v=24.827.1552&t=5000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_4eb0222982f0368f%22%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22stn_accompanying_content%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0004824%2C1%2C%2C%2C&sm=98ee8551-8cd2-4c39-9350-b6a9019e6259&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2%22%2C%22id5%22%3A%22ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G%22%2C%22pubcommon%22%3A%2205f358ad-634d-43a6-8622-5e9c27e893e7%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.48.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-48-9.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 27f86bdabcd87ad014cc6cdb2fa1f70ac7ad4eb45bcbb9277b7d614a3beb2bed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Miss from cloudfront
content-length: 492
x-amz-cf-id: oTRMjBS-5sHPcEQksRlHFs9KUyI966AjD_AphhT116lrlp3sZ_gEpQ==
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: JFK50-P1
server: Server

GET
H2 200 3853602785818108670f4ae787aa55.04843109-00001.ts Show response
cdnmedia.sendtonews.com/videos/m3u8/300k/ 436 KB
437 KB 48ms
47ms XHR
video/mp2t 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/m3u8/300k/3853602785818108670f4ae787aa55.04843109-00001.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b24acc098a212e27a78f770054e005021089da389d56f9b9b1751649d0293b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "7813d3a9aef17d74b521ec532968358e"
age: 4681
access-control-allow-methods: GET, HEAD, POST
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: 56IH_f3KHZKXo7jBHio95IB4vLYCEyK-a2VW0zlvMQkltPZnRtRUyw==
date: Wed, 16 Oct 2024 17:43:28 GMT
content-type: video/mp2t
vary: Origin
last-modified: Wed, 16 Oct 2024 05:11:40 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 446312
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 454 Show response
p.ad.gt/api/v1/p/ 55 KB
19 KB 44ms
37ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/454
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fwww.henryherald.com%2F&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26646b4d9dc7719d7e504ee17c4cafcca7c7a1be96a63a7f6d370b348f2376b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 192
cf-ray: 8d3a4c381910aa9e-YYZ
date: Wed, 16 Oct 2024 19:01:28 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 18:55:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 106ms
97ms Image
image/gif 52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&halo_id=060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
192 B 107ms
98ms Image
text/html 52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-length: 0
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
https://ids.ad.gt/api/v1/ppnt_match?uid=EaEUmMnk2Wkt&ev=1&pid=562316&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

43 B
143 B

99ms
99ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=EaEUmMnk2Wkt&ev=1&pid=562316&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:30 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://ids.ad.gt/api/v1/ppnt_match?uid=EaEUmMnk2Wkt&ev=1&pid=562316&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5bdc7dc56b-k2764
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
server: Jetty(10.0.14)

GET cm
u.openx.net/w/1.0/ 0
0

GET https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/ 0
0

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&impr_uid=cec14f94-bebb-4311-8644-c7c929151504

43 B
143 B

100ms
99ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&impr_uid=cec14f94-bebb-4311-8644-c7c929151504
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&impr_uid=cec14f94-bebb-4311-8644-c7c929151504
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: text/plain

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729105284-ZO8LXX...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=44798942743196665340047150774923446324&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

43 B
143 B

99ms
99ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=44798942743196665340047150774923446324&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:30 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://ids.ad.gt/api/v1/adb_match?adb=44798942743196665340047150774923446324&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
dcs: dcs-prod-usw2-2-v063-09c0b18a1.edge-usw2.demdex.com 2 ms
pragma: no-cache
x-tid: /lKX1xW9TUI=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 16 Oct 2024 19:01:30 GMT

GET
H2

200

colossus
ids.ad.gt/api/v1/
Redirect Chain

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
https://ids.ad.gt/api/v1/colossus?cls_id=d81c5494-fcca-4936-a151-ff9a19b1ea8d&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP

43 B
143 B

106ms
106ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?cls_id=d81c5494-fcca-4936-a151-ff9a19b1ea8d&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Location: http://ids.ad.gt/api/v1/colossus?cls_id=d81c5494-fcca-4936-a151-ff9a19b1ea8d&id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Pragma: no-cache
Connection: keep-alive
Expires: 0
Date: Wed, 16 Oct 2024 19:01:29 GMT
Server: nginx

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0

43 B
143 B

101ms
100ms

Image
image/gif

52.42.22.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 52.42.22.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-22-207.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 19:01:30 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729105284-ZO8LXXYM-6PWP&uid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Oct 2024 19:01:29 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-93
x-xss-protection: 0

GET
H2 200 /
onetag-sys.com/match/ 0
341 B 149ms
45ms Image
text/plain 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001729105284-ZO8LXXYM-6PWP&gdpr=0

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 5EF1 54 KB
0 2ms
1ms Script
application/javascript 23.203.179.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-179-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Wed, 16 Oct 2024 19:16:27 GMT
accept-ranges: bytes
content-length: 17407
date: Wed, 16 Oct 2024 19:01:27 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ Frame 5EF1 16 KB
0 2ms
2ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ce363e-403e"
age: 69107
cf-ray: 8d3a4c01fec6a1e6-YYZ
expires: Sat, 19 Oct 2024 19:01:20 GMT
date: Wed, 16 Oct 2024 19:01:20 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 20:25:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 5EF1 56 KB
11 KB 42ms
35ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fwww.henryherald.com%2F&_it=amazon&partner_id=454
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=432000
content-encoding: br
cf-bgj: minify
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 1761
cf-cache-status: HIT
x-amz-request-id: 4GNTEWM5RE8S976C
cf-ray: 8d3a4c383bb8ac58-YYZ
date: Wed, 16 Oct 2024 19:01:29 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 605 B
182 B 139ms
61ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.henryherald.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9b9016eaa078cb8dfabad9d61b69ed6fdae1339ccb81c209fdf958f608e425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:29 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 157
date: Wed, 16 Oct 2024 19:01:29 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 44ms
43ms Ping
image/gif 18.233.80.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=k278NSMrKiRYkvsZ&instance=214020149&version=production-5.0.166&age=241016&key=NWef1XMk&c_id=11413&seq=1&order=4&vIndex=0&absoluteTime=20238.4&relativeTime=986.4&cmd=IMA&EXTREF=https://www.henryherald.com/&REF=https://www.henryherald.com/&imaVersion=3.673.0&imaAttempt=2
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-80-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ranges: bytes
content-length: 26
date: Wed, 16 Oct 2024 19:01:29 GMT
etag: "1a-5b72883b37f80"
content-type: image/gif
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)

GET
H3 200 envelope Show response
lexicon.33across.com/v1/ Frame 5EF1 42 B
58 B 51ms
50ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.13.1&us_privacy=1---
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.henryherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Wed, 16 Oct 2024 19:01:26 GMT
content-type: application/json
vary: origin

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
0 0ms
0ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4400dcabcd7df6c3c68207d7ab6451ad5c8e6d378b53d8318cdb5f40d65e1bdd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 19:01:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95025
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame B48D
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-...

0
0

122ms
64ms

Document
text/html

98.82.157.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-231.compute-1.amazonaws.com

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 434
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 16 Oct 2024 19:01:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 54YEE1M4E4T6DK06FQ7G

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 16 Oct 2024 19:01:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3DYCGXP7DMPG13NF31F0

GET
H2 200 3853602785818108670f4ae787aa55.04843109.m3u8 Show response
cdnmedia.sendtonews.com/videos/m3u8/1000k/ 529 B
1 KB 42ms
40ms XHR
application/x-mpegurl 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/m3u8/1000k/3853602785818108670f4ae787aa55.04843109.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 276423acf1aeaef39ade1c02300ad086c3a346eafa13b171686f1efe3e6b518c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "448060888391457f41e5ecfd05f14e68"
age: 4680
access-control-allow-methods: GET, HEAD, POST
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: UEwh5tu8pg4pi9TzjUm86KKL71IYt6PY4-LoxUUsqZbiW5jXbQTa2g==
date: Wed, 16 Oct 2024 17:43:30 GMT
content-type: application/x-mpegURL
vary: Origin
last-modified: Wed, 16 Oct 2024 05:11:47 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 529
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 3853602785818108670f4ae787aa55.04843109-00002.ts Show response
cdnmedia.sendtonews.com/videos/m3u8/1000k/ 1 MB
1 MB 42ms
41ms XHR
video/mp2t 18.164.124.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnmedia.sendtonews.com/videos/m3u8/1000k/3853602785818108670f4ae787aa55.04843109-00002.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89bc3dc894e0ed4accba396b418dc0095b15c4f9d106f4202c593064dda6aade

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: "c70d27c8b343ce05b1bec5e5e5f16d7a"
age: 4679
access-control-allow-methods: GET, HEAD, POST
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-amz-cf-id: iyGmPaIV6ykd7u64ArVpbwloMigluxapORdxli46PWybmp9utwAduQ==
date: Wed, 16 Oct 2024 17:43:31 GMT
content-type: video/mp2t
vary: Origin
last-modified: Wed, 16 Oct 2024 05:11:41 GMT
content-disposition: attachment
cache-control: max-age=86400
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1356796
x-amz-cf-pop: JFK50-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 ads Show response
selector.voltaxam.com/ 125 B
618 B 521ms
163ms Fetch
application/json 18.173.132.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-82.jfk52.r.cloudfront.net
Software: /
Resource Hash: e378b2eb4abc4575efe88ec83a18014028a3cff1025ff188ac171dc8e9b6ac17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 29117767a034875a8b49afd641f25d82.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: rjdoszih2oNo5GapYfPpxgIfbq4tTlhMoM8rJCaz-i419nqpebi7Vg==
date: Wed, 16 Oct 2024 19:01:30 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 a9D1bZ8IgNEdXOn_LbYjJSw5o1GMv0dyLSFFA_jfVlke4Dd3V9VDmzDnXi9B0W9QiH915lTrxCX0n5iww376ArwwLZxkfcqtd51Q-KeaSt6-n7PnFUpC=w600-h400-p-rj-l68-e365
lh3.googleusercontent.com/ 65 KB
65 KB 1204ms
42ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a9D1bZ8IgNEdXOn_LbYjJSw5o1GMv0dyLSFFA_jfVlke4Dd3V9VDmzDnXi9B0W9QiH915lTrxCX0n5iww376ArwwLZxkfcqtd51Q-KeaSt6-n7PnFUpC=w600-h400-p-rj-l68-e365

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

ee4249a1f134b65f9d020d2b3d126ebf3d973f97fed472593312d366346a982f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12877
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 15:26:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:26:55 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 66048
x-xss-protection: 0
server: fife

GET
H2 200 MJVDLANU2REGLp6XS9oqL-gQqiSrnOQwORNq3D-wHQWLJCfORiwvt9pYwrsh_HGJqdQ2UzuLgy5C1gEU3I5uYHR1SL-8u4zmNIJiVWixZfxLNP1Keymd_g=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 901 B
963 B 1263ms
101ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MJVDLANU2REGLp6XS9oqL-gQqiSrnOQwORNq3D-wHQWLJCfORiwvt9pYwrsh_HGJqdQ2UzuLgy5C1gEU3I5uYHR1SL-8u4zmNIJiVWixZfxLNP1Keymd_g=s42-p-rj-l68-e365

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

f692ec218ac434b82284dbaf6447cf24ce6b8c1bf08d8d7116ec2ba792faf355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12877
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 15:26:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:26:55 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 901
x-xss-protection: 0
server: fife

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 137ms
31ms Image
image/png 130.211.10.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-who: gcloud-web-2
cache-control: max-age=31536000,public
age: 136617
via: 1.1 google
expires: Wed, 15 Oct 2025 05:04:34 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22292
date: Tue, 15 Oct 2024 05:04:34 GMT
last-modified: Mon, 14 Oct 2024 18:06:27 GMT
content-type: image/png
server: nginx

GET
H2 200 hvvLWJ7t90sGpsp0maNxV4mlxF8NFL_QvnlKwaZvzQIQ50iRRiFP4U3ZEFZRFukJRMIHjKP6IJhg2L3S7cJWqTEh-hKoyiVtcUr6nw=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 1232ms
90ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/hvvLWJ7t90sGpsp0maNxV4mlxF8NFL_QvnlKwaZvzQIQ50iRRiFP4U3ZEFZRFukJRMIHjKP6IJhg2L3S7cJWqTEh-hKoyiVtcUr6nw=s42-p-rj-l68-e365

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

53b94e65768d49eda59af7f8c0f1ea06cae1bca8ff2697016f463818673df700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10935
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 15:59:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:59:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1113
x-xss-protection: 0
server: fife

GET
H2 200 4gffykdJl-LDj6JedsrqWqMnUtjA4ettukBlAIr1tIizpxQEFxmVGikaNUjgS0RbQxgGDH2rJEpNPKqLRGh42SMyQEm0S9BakYfmmk0=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 962 B
1 KB 1230ms
89ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4gffykdJl-LDj6JedsrqWqMnUtjA4ettukBlAIr1tIizpxQEFxmVGikaNUjgS0RbQxgGDH2rJEpNPKqLRGh42SMyQEm0S9BakYfmmk0=s42-p-rj-l68-e365

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

50c9201fab5a8a851d4a225b1fdb97338c461b2aaee7357c235f26dfa7126168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12667
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 15:30:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:30:25 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 962
x-xss-protection: 0
server: fife

GET
H2 200 nLPwoydMoLLFHJokgSzIEFIGLyxBM3H8kif7HwK9KXEvvSLlfsPhnM6QRqiX70RpDoY5NLunpBYuKcWA7SkJ4LBKaUIAYFp-hEHut1g_vJnZJMCh2kcI=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1001 B
1 KB 1102ms
102ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/nLPwoydMoLLFHJokgSzIEFIGLyxBM3H8kif7HwK9KXEvvSLlfsPhnM6QRqiX70RpDoY5NLunpBYuKcWA7SkJ4LBKaUIAYFp-hEHut1g_vJnZJMCh2kcI=s42-p-rj-l68-e365

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

885abd095038d0b26ddf25b2d8dcb7821d1fcf71206af595bd9856b9219eaf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 6449
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 17:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 17:14:03 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1001
x-xss-protection: 0
server: fife

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
0 0ms
0ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RCBKLD

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c4ccc7f8fe658d39e946f8f96e0868113534d6a1d561ef2016dd6ae6cb4df4f4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 16 Oct 2024 19:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80065
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 6VpTquIrZYItxMQ-3dvC2t3BeENdvi3BjBQNPbCjNsjoh5-D99PSLG3DFl6T538LWboRtpENX1IWdhCI3l-KCWt-GJ_CCQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 19 KB
19 KB 666ms
90ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6VpTquIrZYItxMQ-3dvC2t3BeENdvi3BjBQNPbCjNsjoh5-D99PSLG3DFl6T538LWboRtpENX1IWdhCI3l-KCWt-GJ_CCQ=w300-h170-p-rj-l75

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

4773b8181c2ae8d78001af7baa212e4e56337c9e948c4c3a5a40a73828195055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10899
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 15:59:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:59:53 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19215
x-xss-protection: 0
server: fife

GET
H2 200 YZ9MH2wdlJdCYw83__WEwmWJNDdmDC-G1gxTRgzM9uRH676tU-vbYTf3Y-Rawash8vdXgAF_uHV2Z0sNg2KTbHcovY1TKpc=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 21 KB
21 KB 52ms
45ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YZ9MH2wdlJdCYw83__WEwmWJNDdmDC-G1gxTRgzM9uRH676tU-vbYTf3Y-Rawash8vdXgAF_uHV2Z0sNg2KTbHcovY1TKpc=w300-h170-p-rj-l75

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

9db6f324c86b5c457a945e167955af382aaaf32a61f9cca92386a06c3e1e95be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 11773
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 15:45:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 15:45:19 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 21179
x-xss-protection: 0
server: fife

GET
H2 200 tzeJn0FsUUbQ0l-mcDy5RfyNDsxk-sTAZ1lNF3v6uwyevHyG5p-eEJUMUDLz0fWsq_tjoyjFlrh-aoCrk03o2xQhBKXZ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 19 KB
19 KB 43ms
38ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tzeJn0FsUUbQ0l-mcDy5RfyNDsxk-sTAZ1lNF3v6uwyevHyG5p-eEJUMUDLz0fWsq_tjoyjFlrh-aoCrk03o2xQhBKXZ=w300-h170-p-rj-l75

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

fife /

Resource Hash

26dd7e9b07a8f0d0622bb594a9af1f9ba33d65999bec26bc573e1f4c27c9a4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 6445
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 17:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 17:14:07 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19846
x-xss-protection: 0
server: fife

GET 10578.jsx
cdn-p.cityspark.com/wid/ 0
0

GET
H2 200 member Show response
henrycounty.chambermaster.com/public/widgets/ 291 B
600 B 145ms
145ms Script
application/javascript 216.17.94.178
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://henrycounty.chambermaster.com/public/widgets/member?jsonpcallback=MNI.Callbacks.Ajax1729105291631&secure=true&referrer=www.henryherald.com&memId=424

Requested by

Host: henrycounty.chambermaster.com
URL: https://henrycounty.chambermaster.com/Content/Script/Member.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.17.94.178 , United States, ASN10242 (USINTERNET, US),

Reverse DNS

216.17.94.178.ip.usinternet.com

Software

/ ASP.NET, ARR/3.0

Resource Hash

580924d319b7c6a1bad56bbba2c472b93c7cac7f6c37106b97abbc3f7b41e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: ASP.NET, ARR/3.0
cache-control: private
x-aspnet-version: 4.0.30319
content-encoding: gzip
x-source: MNWS010
x-content-type-options: nosniff
content-length: 334
date: Wed, 16 Oct 2024 19:00:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-aspnetmvc-version: 5.1
x-frame-options: SAMEORIGIN

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 3477ms
77ms Script
application/javascript 23.45.193.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-193-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: max-age=75374
content-encoding: gzip
expires: Thu, 17 Oct 2024 15:57:50 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 68444
date: Wed, 16 Oct 2024 19:01:36 GMT
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 bridge3.673.0_en.html
imasdk.googleapis.com/js/core/ Frame DFC2 0
0 377ms
41ms Document
text/html 142.250.65.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 169171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257403
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:02:01 GMT
expires: Tue, 14 Oct 2025 20:02:01 GMT
last-modified: Mon, 14 Oct 2024 19:57:21 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET client.js
s0.2mdn.net/instream/video/ 0
0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4F38 40 KB
14 KB 57ms
51ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 1453
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:37:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:37:18 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET

5.gif
id5-sync.com/c/914/434/4/
Redirect Chain

https://id5-sync.com/i/914/8.gif?o=api&id5id=ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G&gdpr_consent=undefined&gdpr=false
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=2d3729d5-b806-4067-822d-2decd7d2b6d0&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/914/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/914/2/6/3.gif?puid=8539633969967250559&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/914/108/5/4.gif?puid=9f4b967b-9b8a-4009-b171-1f34dcaedc2e&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/914/434/4/5.gif?puid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0&gdpr_consent=

0
0

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 134ms
130ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c49aa963a0b-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:31 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET getpixels
pixels.ad.gt/api/v1/ 0
0

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 2 B
82 B 137ms
135ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: *
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4b386736c7-YYZ
access-control-allow-origin: *
content-length: 2
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: cloudflare

GET
H2 200 segments Show response
seg.ad.gt/api/v1/ 16 B
139 B 264ms
135ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.henryherald.com%252F&partner_id=454&tagger_id=8e4e358b8150f2c2401743eff9deaa33&au_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d3a4c4a7f7c36c7-YYZ
access-control-allow-origin: https://www.henryherald.com
content-length: 16
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: application/json
vary: Origin
server: cloudflare

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
119 B 120ms
118ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c49bab13a0b-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:31 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET getpixels
pixels.ad.gt/api/v1/ 0
0

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 2 B
80 B 2017ms
2015ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: *
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4b386f36c7-YYZ
access-control-allow-origin: *
content-length: 2
date: Wed, 16 Oct 2024 19:01:34 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: cloudflare

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 126ms
121ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c49bab23a0b-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:31 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 1 KB
270 B 3630ms
3628ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b374eb7048cad29b9a21bf05ca7a21543ff7468cc784d31e54eb137d4f6faf64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4b487b36c7-YYZ
access-control-allow-origin: *
date: Wed, 16 Oct 2024 19:01:35 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

GET
H2 200 segments Show response
seg.ad.gt/api/v1/ 16 B
70 B 382ms
128ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.henryherald.com%252F&partner_id=454&tagger_id=8e4e358b8150f2c2401743eff9deaa33&au_id=AU1D-0100-001729105284-ZO8LXXYM-6PWP
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d3a4c4b487a36c7-YYZ
access-control-allow-origin: https://www.henryherald.com
content-length: 16
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: application/json
vary: Origin
server: cloudflare

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 126ms
123ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c49bac53a0b-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:31 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 262 B
203 B 6922ms
6921ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0e9bd147bed9f59a5805d289af14709afe48af737aa0eb145d4847d7481ea7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4b588436c7-YYZ
access-control-allow-origin: *
date: Wed, 16 Oct 2024 19:01:38 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

GET
H2 200 /
www.henryherald.com/tncms/csrf/token/ 0
0 600ms
79ms Fetch
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/tncms/csrf/token/

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/shared-content/art/tncms/api/csrf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
age: 0
x-content-type-options: nosniff
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: text/html; charset=UTF-8
vary: X-IPCountry, Accept-Encoding
x-frame-options: SAMEORIGIN
x-vcache: MISS
strict-transport-security: max-age=31536000
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.82.1; app1; 0.01s; 1M
content-security-policy: upgrade-insecure-requests
cache-control: private, no-cache, no-store, max-age=0
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 20
x-xss-protection: 1; mode=block

GET
H2 200 diberp-tcx-v7.13.0.js Show response
www.americanhometownmedia.com/static/ 328 KB
103 KB 1155ms
28ms Script
text/javascript 34.120.58.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 62.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
etag: "f085c7609fb7c47fb72fd768d721373e"
age: 4580
x-goog-stored-content-encoding: gzip
expires: Thu, 16 Oct 2025 17:45:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 104504
date: Wed, 16 Oct 2024 17:45:13 GMT
last-modified: Mon, 29 Aug 2022 14:20:21 GMT
content-type: text/javascript
vary: Accept-Encoding,Origin
x-guploader-uploadid: AHmUCY3Ge9iGPQLl1W0t34ccqvjrp1fY2QDom62Pz9H4kSTOYu6ARsJZZXbs_l_VoIrAvhq9NOo
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1661782821233427
content-length: 104504
server: UploadServer

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
0 0ms
0ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

8961f5c4bd305e75618ec23aebca6c4e4c3ad93ade20f6673a58172be4568d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 823 / 20012 / m202410100101 / config-hash: 999708810307259352
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 19:01:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33834
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 249ms
120ms Preflight 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4a7f8036c7-YYZ
date: Wed, 16 Oct 2024 19:01:32 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 245ms
126ms Preflight 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4a7f8236c7-YYZ
date: Wed, 16 Oct 2024 19:01:32 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 254ms
137ms Preflight 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4a7f8336c7-YYZ
date: Wed, 16 Oct 2024 19:01:32 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 258ms
143ms Preflight 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c4a7f7e36c7-YYZ
date: Wed, 16 Oct 2024 19:01:32 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 337 B
612 B 125ms
122ms XHR
text/javascript 108.139.48.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.henryherald.com%2F&pid=NUaS3pvtkRlQ6&cb=0&ws=1600x1200&v=24.827.1552&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1564783%22%2C%22s%22%3A%5B%222x1%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C53302672%2Fhenryherald.com%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp_sid=%5B-1%5D&sm=68a6b4a4-cb28-450d-896e-375a99e796ad&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2%22%2C%22id5%22%3A%22ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G%22%2C%22pubcommon%22%3A%2205f358ad-634d-43a6-8622-5e9c27e893e7%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.48.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-48-9.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 7df60506c5f3ffefc8d5e37ee094f4f6dd236ddf086b5a10093326daf7110da3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Miss from cloudfront
content-length: 275
x-amz-cf-id: wVET3E3JY6xddXsXCHG60zYV0zL_F17IGx9p9rRIAVxU_7rdTYBCHA==
date: Wed, 16 Oct 2024 19:01:31 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: JFK50-P1
server: Server

GET Chamber-Logo2-(Converted)---Vertical-PMS-541.jpg
chambermaster.blob.core.windows.net/images/chambers/1272/ChamberImages/logo/200x200/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
18 KB 107ms
105ms Fetch
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=478677450668246&correlator=2320392252578417&eid=31088082%2C31088085%2C31087831%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202410100101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=132916964%3A53302672%2Chenryherald.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1%7C1x1&ifi=2&didk=2670446997&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729105292057&lmt=1729105268&adxs=799&adys=53&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.henryherald.com%2F&rumc=478677450668246&rume=1&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&td=1&egid=52893&tan=a3e01b37-0d1a-4b1f-bf43-c3cdb7a6b882&tdf=2&topics=1&tps=1&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY4_vStakySABSAghkEhoKDWNyd2RjbnRybC5uZXQSABi8ltO1qTJIABIdCg5lc3AuY3JpdGVvLmNvbRjj-9K1qTJIAFICCGQSGQoKdWlkYXBpLmNvbRji-9K1qTJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIyE07WpMkgAUgIIahIUCgVvcGVueBiFidO1qTJIAFICCG8SGwoMMzNhY3Jvc3MuY29tGOP70rWpMkgAUgIIZBIXCghydGJob3VzZRizhNO1qTJIAFICCGo.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729105272197&idt=7787&prev_scp=pos%3Dimpact-top%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26k%3DMcDonough%252CLocust%2520Grove%252CStockbridge%252CGeorgia%252CHenry%2520County%252Cnews%252Csports%252Cgovernment%252Cevents%252Ccommunity%26page%3Dhomepage%252Capp-editorial&adks=2624688925&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1db92894e91902a539a934ca0eea6e0a231aac1bfad83aaae60c6a7a74b46f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
google-lineitem-id: 6794438357
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138491019714
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.henryherald.com
content-length: 18663
x-xss-protection: 0
server: cafe

GET container.html
8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38C1 0
0

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 899A
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough...

0
0

138ms
70ms

Document
text/html

98.82.157.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-231.compute-1.amazonaws.com

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 466
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 16 Oct 2024 19:01:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RN5MANVTMZPQF5WGP6NG

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 16 Oct 2024 19:01:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-minuteMedia_n-adMediaV1_n-Azerion_n-acuityads_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-adman-v2_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8878E7KEB62FE7F79X3F

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9FB 0
0 105ms
104ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssviFfen7bbbtxNdqI6cyz_f-fRA3Koso-v0OgH16p8nw32QGDxls6z7D9kyWuOZaBYOiC24SUPtM6ER9nm2_0_2UuX-703V75WndkLLNlLkcNjGGR34aKKOgB3vfSL2T_pQm3zVWejGTGrL8RLN1mc5roClu5J5oSFtIqbooTQtnNiYoZPv_KxKPpwB4tY1RxGQPtLXo0IQjAURimjvjcxlBpLxz33xEchMUK_4UdBJ3sA0rUkV8ZvYIKk56CCpNhsza0lkvIHJT8QCGWIOOdILsof4tXT_-bx8OiCfPuxwQ1ELbk2-xF9WjvvHPvBPjFiELLSPpwcIv7hZxDhYco-NLGs-juAvlP7wKleXYz7qpApx1yeCRD3GtySzVdlTW2EYFZYsdAJHvioAbk2C4ft0ADiHfYrjerImM9PUV8&sai=AMfl-YQAjgBKxfYMvqjnh1FQaLeJz3Uq7g7K3IipwQOfceSVEY6g25vI-AuQ2gcITW9XFJ1XuduJ8mpSB-PWw4f9y2vgOgOAX6tb8z2-3vpvU3TwLH_tiAG4uz2Dc54&sig=Cg0ArKJSzGhT5xe6HXpzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 16 Oct 2024 19:01:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame F9FB 23 KB
10 KB 1169ms
43ms Script
text/javascript 142.250.65.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f1.1e100.net

Software

cafe /

Resource Hash

1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 15243461546475837925
age: 407
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 18:54:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 18:54:50 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9338
x-xss-protection: 0
server: cafe

GET
H2 200 reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/ Frame F9FB 8 KB
3 KB 50ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d036d654e0622364d1afd83a7d7f4badf6c0efd242e3bd1476b225f1d4971581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e30-1e66"
age: 368030
expires: Sun, 28 Sep 2025 20:27:21 GMT
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:08 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c4c9bcbb408-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2641
server: cloudflare

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F9FB 207 KB
64 KB 41ms
40ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 6298422545858495708
age: 302
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:56:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 16 Oct 2024 18:56:30 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65271
x-xss-protection: 0
server: cafe

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 403ms
66ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

ESF /

Resource Hash

7e372f27f6b86fb32edac34704eff12cf8bb051f98510c450ee94f0af9aaa45a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Wed, 16 Oct 2024 19:01:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:37 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 73ms
43ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03d2a-ce35"
age: 525977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bfqf%2F%2FU55EvYNQlO9dvuT%2BO3YutPCVjLcG9dORNlJcL55lUbUye%2BZ93%2Bshn%2BFV38CoT2pNAoSnYPbWmkMGF18WoWYQmnPghiuiOvmEmUD1ryCFPlZ6X5EeSiCar952nUbpWYu%2BbP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 06 Oct 2025 19:01:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 19:01:32 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:04:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d3a4c4d3f31aab3-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3279
server: cloudflare

GET
H2 200 Oa0VkxUIAPQ
www.youtube.com/embed/ Frame 67D8 0
0 296ms
142ms Document
text/html 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Oa0VkxUIAPQ?enablejsapi=1&autoplay=1&loop=1&playlist=Oa0VkxUIAPQ&modestbranding=1&controls=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 19:01:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

5723088144446316408
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCX1o7qQhABGAEyCFonFL5Le1nV
https://tpc.googlesyndication.com/simgad/5723088144446316408

119 KB
119 KB

42ms
41ms

Image
image/jpeg

142.250.65.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5723088144446316408

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Server

142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f1.1e100.net

Software

sffe /

Resource Hash

e06554613d105432fae1aa412844b832fcd21896daedceb895bfd375d3a8fbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

age: 15231
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 14:47:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 16 Oct 2024 14:47:46 GMT
last-modified: Mon, 30 Sep 2024 21:29:21 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 121345
x-xss-protection: 0
server: sffe

Redirect headers

cache-control: public, max-age=2592000
location: https://tpc.googlesyndication.com/simgad/5723088144446316408
timing-allow-origin: *
age: 69070
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 23:50:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
x-xss-protection: 0
date: Tue, 15 Oct 2024 23:50:27 GMT
content-type: text/html; charset=UTF-8
server: cafe

GET
H2

200

8233330427528090527
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOCX1qbDIRABGAEyCD79Tb4DWM35
https://tpc.googlesyndication.com/simgad/8233330427528090527

83 KB
83 KB

85ms
83ms

Image
image/jpeg

142.250.65.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8233330427528090527

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Server

142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f1.1e100.net

Software

sffe /

Resource Hash

e201a5f8db27d17609e8087baf94a1aadd54189d3ed71c6e90962dd47a466ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

age: 80848
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 20:34:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 15 Oct 2024 20:34:09 GMT
last-modified: Mon, 30 Sep 2024 21:29:11 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 84580
x-xss-protection: 0
server: sffe

Redirect headers

cache-control: public, max-age=2592000
location: https://tpc.googlesyndication.com/simgad/8233330427528090527
timing-allow-origin: *
age: 61047
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 02:04:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
x-xss-protection: 0
date: Wed, 16 Oct 2024 02:04:10 GMT
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9FB 0
0 101ms
101ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 16 Oct 2024 19:01:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET /
trends.revcontent.com/api/demand/ 0
0

OPTIONS
H2 200 api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 3555ms
95ms Preflight 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.henryherald.com
content-length: 0
date: Wed, 16 Oct 2024 19:01:36 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 7
x-rc-region: us-east-1a

POST
H2 204 api-errors
yeet.revcontent.com/yeet/events/ 0
0 50ms
48ms Fetch 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.henryherald.com/

Response headers

x-rc-region: us-east-1a
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:36 GMT
x-envoy-upstream-service-time: 3
vary: Origin
server: envoy
access-control-allow-credentials: true

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 11 KB
7 KB 3169ms
112ms Fetch
application/json 54.158.203.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=280821&width=1600&us_privacy=1---&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.henryherald.com%2F&icr_url=&va=0&user_uuid=undefined&time=1729105292836&up=pc&bn=chrome&bv=129&widget_width=1336&style_id=0&an=false&mr=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.158.203.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-203-65.compute-1.amazonaws.com

Software

envoy /

Resource Hash

ea78abfeabbec1a8524cf9ceef6e94d80fd76efc4a6af55ad019108c1d0d6a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=931536000; includeSubDomains
x-rc-region: us-east-1a
content-encoding: gzip
x-envoy-upstream-service-time: 24
access-control-allow-credentials: true
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:35 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: envoy

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 100ms
99ms Fetch
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4A23 56 KB
20 KB 50ms
48ms Script
text/javascript 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

sffe /

Resource Hash

95f5f0b3107249d432e553b9118a5d35d9966cf81d7d2137ed0e297f1d4401ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: gzip
age: 745
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:04:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:49:08 GMT
last-modified: Wed, 16 Oct 2024 15:37:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=900
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 20247
x-xss-protection: 0
server: sffe

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...

43 B
298 B

47ms
47ms

Image
image/gif

108.139.47.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105293390&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4188&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/
Protocol: H2
Server: 108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-33.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: xupcUHlsBysoCpdj6e9IFObq18N-A36smVxnV5s4_RUROVSmfTdXJQ==
date: Wed, 16 Oct 2024 19:01:38 GMT
content-type: image/gif
x-amz-cf-pop: JFK50-P1

Redirect headers

location: /p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105293390&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4188&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: q6n_X3HgepS7L8Tb1-g_0SXdiQiXNAfeMBRg6HUxqPqCk7eydF51JA==
date: Wed, 16 Oct 2024 19:01:38 GMT
x-amz-cf-pop: JFK50-P1

GET
H3 200 vpaid-transformer.js Show response
video.doubleverify.com/js/vpaid-transformer/0.26.1/ Frame 4A23 196 KB
61 KB 76ms
42ms Script
application/javascript 104.18.166.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.doubleverify.com/js/vpaid-transformer/0.26.1/vpaid-transformer.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.166.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b97ca5d361c5dd6f340271a3503f46faf9511c5df2729af1cc07b14299a19fef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=yYqqig==, md5=BSViQ8eWowmrwwR/S3Sx3Q==
cf-cache-status: HIT
etag: W/"05256243c796a309abc3047f4b74b1dd"
age: 1391
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Wed, 16 Oct 2024 19:32:13 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 200234
server-timing: cfExtPri
date: Wed, 16 Oct 2024 19:01:38 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 11:12:08 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8lju1WUMKnZHeBmRXba_6z5r5E9VpCqvULfi9ihyFA35FveObQ05diADH52qSXhzNzKgOics
x-goog-meta-cachecontrol: public, max-age=86400
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
cf-ray: 8d3a4c71ad74ac66-YYZ
x-goog-generation: 1724152327980423
server: cloudflare

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
36 KB 559ms
558ms Fetch
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=478677450668246&correlator=1603573758925247&eid=31088082%2C31088085%2C31087831%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202410100101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=281191609%3A53302672%2Ctrx_southerncomm%2Chenryherald.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=3&didk=564184614~488648735&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D573db825ea19bcd2%3AT%3D1729105292%3ART%3D1729105292%3AS%3DALNI_MYSVVQY-ODbXW9Cw0-OyTNwD4_Kzg&gpic=UID%3D00000f2ab9501a88%3AT%3D1729105292%3ART%3D1729105292%3AS%3DALNI_MbQ4__I-oyC1EEOSVQW4AbQ8KnTxg&abxe=1&dt=1729105293685&lmt=1729105268&adxs=1168%2C662&adys=5125%2C5217&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.henryherald.com%2F&rumc=478677450668246&rume=1&vis=1&psz=300x250%7C300x-1&msz=300x-1%7C300x-1&fws=4%2C4&ohw=1600%2C1600&td=1&egid=52893&tan=a3e01b37-0d1a-4b1f-bf43-c3cdb7a6b883%2Ca3e01b37-0d1a-4b1f-bf43-c3cdb7a6b884&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729105272197&idt=7787&prev_scp=slotName%3Dldgr1%26pubDom%3Dhenryherald.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr8%26pubDom%3Dhenryherald.com%26atab%3Dtrue%26frstlk%3Dtrue&cust_params=browser%3DChrome%26k%3DMcDonough%252CLocust%2520Grove%252CStockbridge%252CGeorgia%252CHenry%2520County%252Cnews%252Csports%252Cgovernment%252Cevents%252Ccommunity%26page%3Dhomepage%252Capp-editorial%26AU_SEG%3D&adks=431521264%2C616931983&frm=20&eo_id_str=ID%3D18a7672fb49fbd27%3AT%3D1729105292%3ART%3D1729105292%3AS%3DAA-Afjat1vqdZq3HvaNNKvZwW0NE

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

190ad2ed715fa6405d9b9452ab8cf3af8e5128f7f44fc3c9a9ef6fa6c87c49e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
google-lineitem-id: -1,-1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 19:01:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.henryherald.com
content-length: 36386
x-xss-protection: 0
server: cafe

POST
H2 200 ads Show response
selector.voltaxam.com/ 125 B
619 B 103ms
97ms Fetch
application/json 18.173.132.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-82.jfk52.r.cloudfront.net
Software: /
Resource Hash: e378b2eb4abc4575efe88ec83a18014028a3cff1025ff188ac171dc8e9b6ac17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 29117767a034875a8b49afd641f25d82.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: UuInu-6XzFsW94c5FgHyAIZeGvRGkoYIS8M8cKhbZ4gNn5u6KREt8g==
date: Wed, 16 Oct 2024 19:01:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 5EF1 691 B
810 B 172ms
171ms XHR
text/javascript 108.139.48.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.henryherald.com%2F&pid=SVnXTGEfHSypq&cb=1&ws=1600x1200&v=24.827.1552&t=5000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_4eb0222982f0368f%22%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22stn_accompanying_content%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0004824%2C1%2C%2C%2C&sm=98ee8551-8cd2-4c39-9350-b6a9019e6259&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2%22%2C%22id5%22%3A%22ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G%22%2C%22pubcommon%22%3A%2205f358ad-634d-43a6-8622-5e9c27e893e7%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.48.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-48-9.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e0aa3db7640fa6fd2d1895d614fc86109a2a26f85e1510de7e36873af1c584b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Miss from cloudfront
content-length: 474
x-amz-cf-id: t1JE7MmH3tkzn4cDschItB_PYOU9jIWeDoMAya09gxGwQPVTK1A3qQ==
date: Wed, 16 Oct 2024 19:01:33 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: JFK50-P1
server: Server

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 190 B
596 B 392ms
114ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.henryherald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=420&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=86b4f324-5d51-444f-b392-1b447e49f3a0%2C73bf5834-d092-4d33-a0e6-8a587de190f0&nocache=1729105294087&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00116%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_12&aucs=%2C&auid=544092592%2C544092592
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fe9cc49cba7eededd4e951b66e366551b2c5b9f930bdf69c42a3ff9fc137fd60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.henryherald.com/

Response headers

cache-control: private, max-age=0, no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 176
date: Wed, 16 Oct 2024 19:01:33 GMT
content-type: application/json
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

POST bid
ap.lijit.com/rtb/ 0
0

GET container.html
8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CD9 0
0

GET container.html
8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2B3 0
0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 100ms
98ms Fetch
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame 5A2A 0
0 3195ms
74ms Document
text/html 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 3096
apigw-requestid: fwMfEgrPvHcEPTw=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8d3a4c75df6caaee-YYZ
content-encoding: br
content-type: text/html
date: Wed, 16 Oct 2024 19:01:38 GMT
last-modified: Wed, 16 Oct 2024 17:14:08 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 344ms
90ms Fetch 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-42-86.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

strict-transport-security: max-age=931536000; includeSubDomains
x-rc-region: us-east-1a
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:36 GMT
vary: Origin
server: envoy

GET
H3 200 defaultWidget~feedWidget.fc0759b5.delivery.js Show response
assets.revcontent.com/master/ 30 KB
8 KB 90ms
42ms Script
text/javascript 13.35.93.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.fc0759b5.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-31.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: public,max-age=60
content-encoding: br
etag: W/"fd80945f9733ec4f10d317a3124a1d4e"
age: 57062
via: 1.1 e14852d4795a20bca94d54bc63e09250.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: muBu3UeDEzwjASLUy3atUmXl-NtJmSH7vMhpgTezwHxSzw4zNvfoOg==
date: Wed, 16 Oct 2024 03:10:35 GMT
content-type: text/javascript
last-modified: Fri, 13 Sep 2024 16:40:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
x-amz-server-side-encryption: AES256

GET
H3 200 defaultWidget.fc0759b5.delivery.js Show response
assets.revcontent.com/master/ 18 KB
6 KB 87ms
44ms Script
text/javascript 13.35.93.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.fc0759b5.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-31.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

vary: Accept-Encoding
cache-control: public,max-age=60
content-encoding: br
etag: W/"73256e1256a6260b764c62fe4a204400"
age: 22345
via: 1.1 e14852d4795a20bca94d54bc63e09250.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z4-DujXH2Is0tdhHZYuicv9WfPeX77jvy7rvlK06ibaREc0GjvxMsg==
date: Wed, 16 Oct 2024 12:49:11 GMT
content-type: text/javascript
last-modified: Fri, 13 Sep 2024 16:40:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
x-amz-server-side-encryption: AES256

GET
H2 200 6222277f8fb1b1-64651274.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 16 KB
17 KB 3240ms
82ms Image
image/jpeg 18.238.55.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6222277f8fb1b1-64651274.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-120.jfk52.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8f508ba3c552f04a5beba665d54025714c4da518fe98a00cd2f6655301f896b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-request-id: d3802dcc555b7522af0436caa6e8d76d
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "8b922fa139faeb8aab884b61f50fdff7"
age: 32820
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ywpOqmWn3Umwr3OQvOLs0uUYGxeuw8EyRazT7pHaFmmAlolbaxOvrg==
date: Wed, 16 Oct 2024 09:54:41 GMT
content-type: image/jpeg
last-modified: Wed, 18 Sep 2024 19:14:41 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=604800
timing-allow-origin: *
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16432
x-amz-cf-pop: JFK52-P4
server: Cloudinary

GET
H2 200 66fa861c185fb4-76088965.JPG
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 16 KB
16 KB 45ms
43ms Image
image/jpeg 18.238.55.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/66fa861c185fb4-76088965.JPG

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-120.jfk52.r.cloudfront.net

Software

cloudflare /

Resource Hash

1b4345ca589a04a4012a06e6a6efc02622fee36a7879f2863628d79947b11b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-request-id: 6dc0671f9d57dd706f78d357bfeca340
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag: "2cda2810027a9bbb49f0f94f8255e1d9"
age: 28516
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4e6l4UsGQ0h2qYGkdBp8Px24pCI1NEV8QXtkJstNk3lupb7lf7UrzQ==
date: Wed, 16 Oct 2024 11:06:25 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 11:05:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=604800
timing-allow-origin: *
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
cf-ray: 8d3794533ff238a6-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16059
x-amz-cf-pop: JFK52-P4
server: cloudflare

GET
H2 200 6703b7a732efc0-29507495.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
19 KB 53ms
52ms Image
image/jpeg 18.238.55.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6703b7a732efc0-29507495.jpg

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-120.jfk52.r.cloudfront.net

Software

cloudflare /

Resource Hash

1ff2f991d150ca93a6be3e3683014d7aaf00ddbfb15d4093bb72aacc466a8464

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-request-id: c5b824ba7b64e95c0b998b52848e4416
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag: "9607b2f49108ae0aed6276a70feb5fec"
age: 194680
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZOXF27gBRDiDxbkcYOJAs_UUwXiDZVX672nR9lbtYvD0uqRiWSGGKw==
date: Mon, 14 Oct 2024 12:57:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 13:08:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=604800
timing-allow-origin: *
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
cf-ray: 8d27bb953f18242d-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18737
x-amz-cf-pop: JFK52-P4
server: cloudflare

GET
H2 200 664c43b2098614-82550188.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 28 KB
29 KB 55ms
54ms Image
image/jpeg 18.238.55.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/664c43b2098614-82550188.png

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-120.jfk52.r.cloudfront.net

Software

cloudflare /

Resource Hash

e0cfc835ee6b1f05681c7719f2e5a89ddd2e2c8448cc59ff7c63c954563b200b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

x-request-id: 6c9d4fbdbdb7862c9e572f9c1ef84342
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag: "9dd81e7be26bc20017e78eed38989f88"
age: 118262
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: qJR84yg-dH6QKSJhC-GBMMeA4d47eKzrH2pz_qmgBv9c5agKOKgkHw==
date: Tue, 15 Oct 2024 11:42:29 GMT
content-type: image/jpeg
last-modified: Mon, 09 Sep 2024 19:53:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=604800
timing-allow-origin: *
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
cf-ray: 8cf511296e751fe0-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29150
x-amz-cf-pop: JFK52-P4
server: cloudflare

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 48ms
48ms Preflight 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.henryherald.com
content-length: 0
date: Wed, 16 Oct 2024 19:01:36 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 3
x-rc-region: us-east-1a

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 48ms
48ms Preflight 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.henryherald.com
content-length: 0
date: Wed, 16 Oct 2024 19:01:36 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 3
x-rc-region: us-east-1a

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 52ms
50ms Fetch 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.henryherald.com/

Response headers

x-rc-region: us-east-1a
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:36 GMT
x-envoy-upstream-service-time: 4
vary: Origin
server: envoy
access-control-allow-credentials: true

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 49ms
48ms Fetch 3.209.42.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.209.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-42-86.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.henryherald.com/

Response headers

x-rc-region: us-east-1a
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:36 GMT
x-envoy-upstream-service-time: 2
vary: Origin
server: envoy
access-control-allow-credentials: true

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/Oa0VkxUIAPQ/ 9 KB
9 KB 406ms
62ms Other
image/jpeg 142.250.80.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://i.ytimg.com/vi/Oa0VkxUIAPQ/mqdefault.jpg?sqp=-oaymwEmCMACELQB8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGBMgWih_MA8=&rs=AOn4CLDnkdpcFGU27BAsLLHirZDjxJUoAA

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.54 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f22.1e100.net

Software

sffe /

Resource Hash

aa01293a36ab10fde336d52729e5095a11a412119e91f041bd8adfbca97c6cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

etag: "1708704551"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 21:01:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:37 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 8805
x-xss-protection: 0
server: sffe

POST
H2 204 collect
analytics.google.com/g/ 0
0 51ms
48ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4ae0v887101457z8880052357za200zb861227858&_p=1729105279580&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=1023424955.1729105281&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=henryherald.com&dl=https%3A%2F%2Fwww.henryherald.com%2F&sid=1729105281&sct=1&seg=1&_s=2&tfd=28512
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:37 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 57ms
55ms Fetch
text/plain 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YV9PEL9JN5&gtm=45je4ae0v880052357za200zb867863675&_p=1729105279580&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101529666~101533422~101686685&cid=1023424955.1729105281&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&dt=henryherald.com&sid=1729105281&sct=1&seg=1&dl=https%3A%2F%2Fwww.henryherald.com%2F&_s=2&tfd=28517
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YV9PEL9JN5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.henryherald.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:37 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9FB 0
0 107ms
104ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdC8m01zayt3vikOiBlFcVIanVKkLb0vauiw-Kn5HIbO3ZiCZDxQfPXZZ7GaIvCSPQ3Vxk7RYA2RvgPSxmL520PH0zAzaAq9Vnn0hvTa4Z_S8u6PD7aUih0inrnhDsGlswq5cu35Xplar8vl4ckZ3awmDxGxW1aoZB2n06hl-hPyuJiMcRq-nT9eR_PBYR9JVJDLS0GKxQ5R1zFVGvYT_EqJphe8cIP2PubMa9Sw-yBLqH-WeRish8-p2u-n6A4MI8TK9I6S8QPcFxJubEkPQRFDaoR4XIOwSWppWqh-LrpYkvImOqRG4PXrImeZWhyCYUWrg0jPZWqcV6e9OMoj1hSImd_5T5QC-Jj7C6yjdo7W17Jc0lINcMZIB7RJPV0dHazC_tKjVitvWHfiBy8laLkFfDsb00_3Cn9FW7SkjQyQ&sai=AMfl-YSZzZXGEnO8vznBVvRTqy26a__qfxEpzXa0C_W3xoUGSOUsJn4spkyQRWEIn9nFR3L5m3b5HZGQZQeaVPoaTHrCknFi598HfzwK8QlFYqR9A72IUfmQDifRZO8&sig=Cg0ArKJSzLHfIr4SJqXOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:01:37 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 16 Oct 2024 19:01:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F9FB 71 KB
26 KB 45ms
44ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

c925dcece063e452d7e8788f413dffe90f60e5a66b9e0ada72e03a801934d7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
etag: 9678319810274944302
age: 523
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 19:52:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 18:52:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26657
x-xss-protection: 0
server: cafe

POST
H3 204 csi
csi.gstatic.com/ Frame F9FB 0
20 B 58ms
58ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~m2c8nef7&chm=1&c=478677450668246&ctx=2&qqid=CP-S3ZXLk4kDFU-UywEdQ_0PDQ&met.4=fb.b~lb.4q~ol.43n~idt.5vl~dt.-4q&met.1=1.m2c8na9v~14.8~15.0~16.8~17.8~18.8~19.8~20.8~21.8&met.7=CBsQCDgK~CCIQBBgBIA4oDjB-OG9oD3B3eKwCsAEBuAED~CAkQChgBIA8oDzC3KTioKWiKKXCzKXimS4AB-kiIAcy7AbABAbgBAw~CBsQCiAQODM~CBwQChgBIBEoETBIODdoEXA4eKOABIAB9_0DiAGA9AywAQG4AQM~CBwQBBgBILkBKLkBMJ8COGZougFwngJ4rAKwAQG4AQM~CCgQChgBIMUpKMUpMPwpODdoxylw8yl4zdIBgAGh0AGIAYC5BLABAbgBAw&met.3=113.45f_4~112.45e_6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 19:01:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/b7240855/www-widgetapi.vflset/ 31 KB
10 KB 39ms
39ms Script
text/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b7240855/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

sffe /

Resource Hash

8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
age: 3622
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:01:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:01:15 GMT
last-modified: Tue, 15 Oct 2024 04:17:17 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10288
x-xss-protection: 0
server: sffe

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4A23 50 KB
8 KB 394ms
304ms XHR
text/xml 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360&iu=/7326,22597733940/en.sendtonews.web&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&url=https%3A%2F%2Fwww.henryherald.com%2F&description_url=https://www.sendtonews.com/&cust_params=stn_sport%3Dbaseball%26stn_site%3Dhenryherald.com&correlator=1811303728

Requested by

Host: video.doubleverify.com
URL: https://video.doubleverify.com/js/vpaid-transformer/0.26.1/vpaid-transformer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

baf0ae5ed80d87b570214d1aa301100af50803abaa721e6c4adcece78eed7a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

content-encoding: br
google-lineitem-id: 6794325274,6770703314
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 19:01:38 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: 138491682560,138491173126
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.henryherald.com
content-length: 8018
x-xss-protection: 0
server: cafe

POST
H2 200 ads Show response
selector.voltaxam.com/ 125 B
621 B 175ms
96ms Fetch
application/json 18.173.132.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-82.jfk52.r.cloudfront.net
Software: /
Resource Hash: e378b2eb4abc4575efe88ec83a18014028a3cff1025ff188ac171dc8e9b6ac17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 dd0e76eb9b3ff90ab87e33f1490318e8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: PPY4U8FWLQphw4NpFaRT6owFWzVbAcPZV0xmRMFUKJo1lOiuXgNolw==
date: Wed, 16 Oct 2024 19:01:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4A23 8 KB
4 KB 143ms
40ms Script
application/javascript 23.55.235.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: video.doubleverify.com
URL: https://video.doubleverify.com/js/vpaid-transformer/0.26.1/vpaid-transformer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.235.217 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-235-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bcdf71159c60a2ba21daf09ed46567df006d49c01be6285a9949ce50ef4d82da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Content-Encoding: gzip
ETag: "70d0eb93f685672321fb96207d8abb01"
Connection: keep-alive
Expires: Wed, 16 Oct 2024 19:16:41 GMT
Access-Control-Allow-Origin: *
Content-Length: 3629
Date: Wed, 16 Oct 2024 19:01:41 GMT
Last-Modified: Mon, 14 Oct 2024 09:38:05 GMT
Content-Type: application/javascript
Vary: Accept-Encoding

POST /
vtrk.doubleverify.com/ Frame 4A23 0
0

GET file.mp4
gcdn.2mdn.net/videoplayback/id/e5adc88ac5b9e7c5/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3872243313/sparams/id,itag,source,xpc,ctier,acao,ip,ip... 0
0

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ 42 B
64 B 67ms
66ms Image
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BVVvvkg0QZ5KPG8KSj-8PkouIoQeY4er0RgAAABABIJDEwRY4AViAvv31gwRg_YiUgegDsgETd3d3LmhlbnJ5aGVyYWxkLmNvbboBCzY0MHgzNjBfeG1syAEF2gEcaHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tL5gC6P4CqQK5YAIw8lioPsACAuACAOoCFy83MzI2L2VuLnNlbmR0b25ld3Mud2Vi-AKC0h6QA-ADmAPgA6gDAeAEAdIFBhCa2uSnGZAGAaAGJKgHuL6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAf4wrECqAf7wrEC2AcA4AcB0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYk-vemMuTiQPYCAKACgWYCwGADAGqDQJDQdoNEwiNzeCYy5OJAxVCyeMHHZIFInTqDRMImO7fmMuTiQMVQsnjBx2SBSJ00BUB-BYBgBcB&sigh=DRsXtnga56Y&label=vast_creativeview&ad_mt=%5BAD_MT%5D

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 16 Oct 2024 19:01:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 pd
us-u.openx.net/w/1.0/ Frame F93B 0
0 138ms
80ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 736
content-type: text/html
date: Wed, 16 Oct 2024 19:01:38 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 127ms
126ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c7768baab12-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:39 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 126ms
125ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c7778c1ab12-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:39 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 178ms
124ms Preflight
text/html 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.henryherald.com
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c76afc9ab12-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 19:01:39 GMT
server: cloudflare
vary: Origin

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 181ms
128ms Preflight
text/html 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.henryherald.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c76afccab12-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 19:01:39 GMT
server: cloudflare
vary: Origin

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame 79EA 0
0 0ms
0ms Document
text/html 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 3096
apigw-requestid: fwMfEgrPvHcEPTw=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8d3a4c75df6caaee-YYZ
content-encoding: br
content-type: text/html
date: Wed, 16 Oct 2024 19:01:38 GMT
last-modified: Wed, 16 Oct 2024 17:14:08 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 145ms
140ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c7788e4ab12-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:39 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 126ms
124ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.henryherald.com/

Response headers

cf-ray: 8d3a4c7798eaab12-YYZ
access-control-allow-origin: https://www.henryherald.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 19:01:39 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 126ms
125ms Preflight
text/html 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.henryherald.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c76cfe7ab12-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 19:01:39 GMT
server: cloudflare
vary: Origin

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 133ms
132ms Preflight
text/html 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.henryherald.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d3a4c76cfebab12-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 19:01:39 GMT
server: cloudflare
vary: Origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 5EF1 678 B
801 B 231ms
230ms XHR
text/javascript 108.139.48.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.henryherald.com%2F&pid=SVnXTGEfHSypq&cb=2&ws=1600x1200&v=24.827.1552&t=5000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_4eb0222982f0368f%22%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A13%2C%22id%22%3A%22stn_accompanying_content%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0004824%2C1%2C%2C%2C&sm=98ee8551-8cd2-4c39-9350-b6a9019e6259&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2%22%2C%22id5%22%3A%22ID5*wlJN_S5hDSQGdMeFqFIhyailOQZa-XDEV-Bc21ilPPrPIpiK5MqdxG49qqJdOO8G%22%2C%22pubcommon%22%3A%2205f358ad-634d-43a6-8622-5e9c27e893e7%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.48.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-48-9.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 0fd63aadd0d80e084e1a8621b4e385947e8353f02390e07b485823af11074591

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.henryherald.com
x-cache: Miss from cloudfront
content-length: 464
x-amz-cf-id: h95KeuAhPl4F1fjUQddXqsNHt1Dnz8CVYQmdzFYW6FE0jw3ZXUnONg==
date: Wed, 16 Oct 2024 19:01:39 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: JFK50-P1
server: Server

GET dv-measurements6813.js
cdn.doubleverify.com/ Frame DA91 0
0

POST page_load
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 0
0

OPTIONS page_load
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ Frame 0
0

POST unruly_prebid
targeting.unrulymedia.com/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 170ms
48ms Fetch 207.65.37.179

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.37.179 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://www.henryherald.com
date: Wed, 16 Oct 2024 19:01:42 GMT
access-control-allow-credentials: true

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
685 B 106ms
59ms Fetch
application/json 104.18.36.155

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=1107412
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 86705d0284fc691f529ee35e72b753b97e0a1f3765963cb24d62cfa5e7b07fad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNPkoDG%2BMlHHlH2m2TgKTNGqSqHdyXYLmqr7rTSyl1KKHM5bwk5Kqglue2AuzkudRct2U9RRKgOd%2Fl5Wp9nfpK%2BQEaWAYVG0sC38OPYwNVCZj93W%2Bq3UXN1Tf2Z0dejrmIRidhWI"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 19:01:42 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8d3a4c8c7bdd36c3-YYZ
access-control-allow-origin: https://www.henryherald.com
content-length: 36
server: cloudflare

POST auction
prebid-server.rubiconproject.com/openrtb2/ 0
0

POST v1
prg.smartadserver.com/prebid/ 0
0

POST hb
hb.undertone.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ 0
0

POST
H2 400 auction Show response
pbs.nextmillmedia.com/openrtb2/ 43 B
290 B 722ms
144ms Fetch
text/plain 51.81.244.170

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.244.170 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90f64d1cc38ddf1f87072fda4949f973a898ea9a0d93a4ce2d0304a8bb02298c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
x-trace-id: e37411df-1fe1-428c-9a30-195892ddbdb2
expires: 0
access-control-allow-origin: https://www.henryherald.com
content-length: 43
date: Wed, 16 Oct 2024 19:01:43 GMT
x-prebid: pbs-go/43.31.0
content-type: text/plain; charset=utf-8
vary: Origin

POST auction
tlx.3lift.com/header/ 0
0

POST v1
btlr.sharethrough.com/universal/ 0
0

POST prebidvideo
ads.yieldmo.com/exchange/ 0
0

GET metric
report2.hb.brainlyads.com/statistics/ 0
0

GET dc_oe=ChMIkqDfmMuTiQMVQsnjBx2SBSJ0EAEYACC-m9ZqSABQOljOdWDJ8sIPaLuus8EB;dc_eps=AHas8cB8LLO9Q0Sq5E3jiBsltfqXI0XLHuJfUYtD8y2FoWPdA0w8L76D0a7bGUZ2lLA1Ktnyp9e-FmWG0iyRjYxNmS8;met=1;ecn1=1;etm1=0;eid1=20...
ade.googlesyndication.com/ddm/activity/ 0
0

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ 42 B
64 B 69ms
69ms Image
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 16 Oct 2024 19:01:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST /
vtrk.doubleverify.com/ Frame 4A23 0
0

OPTIONS unruly_prebid
targeting.unrulymedia.com/ Frame 0
0

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
497 B 1395ms
47ms Image
image/gif 108.139.47.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=9061&ns_st_cl=15000&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=9061&ns_st_dpt=9061&ns_st_ipt=9061&ns_st_ap=9061&ns_st_dap=9061&ns_st_et=9061&ns_st_det=9061&ns_st_upc=9061&ns_st_dupc=9061&ns_st_iupc=9061&ns_st_upa=9061&ns_st_dupa=9061&ns_st_iupa=9061&ns_st_lpc=9061&ns_st_dlpc=9061&ns_st_lpa=9061&ns_st_dlpa=9061&ns_st_pa=9061&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105302451&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-33.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: G25T3HKjw5hUY6rcCHVwnXcUVusd00o_1vemPllQuByuxFswTvFHTg==
date: Wed, 16 Oct 2024 19:01:43 GMT
content-type: image/gif
x-amz-cf-pop: JFK50-P1

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 1139ms
44ms Ping
image/gif 18.233.80.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=k278NSMrKiRYkvsZ&instance=214020149&version=production-5.0.166&age=241016&key=NWef1XMk&c_id=11413&seq=1&order=5&vIndex=0&absoluteTime=33768.4&relativeTime=14516.4&cmd=PLAY&sC_ID=4735&sm_id=3921185&status=LVFNLNOY&ac_id=2010&EXTREF=https://www.henryherald.com/&REF=https://www.henryherald.com/&CO_ID=1848&sCO_ID=1239
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-80-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ranges: bytes
content-length: 26
date: Wed, 16 Oct 2024 19:01:43 GMT
etag: "1a-5b72883b37f80"
content-type: image/gif
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
496 B 1322ms
49ms Image
image/gif 108.139.47.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=end&ns_st_po=9061&ns_st_cl=15000&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3921185&ns_st_pt=9061&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=9061&ns_st_dap=0&ns_st_et=9139&ns_st_det=78&ns_st_upc=9061&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=9061&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=9061&ns_st_dlpc=0&ns_st_lpa=9061&ns_st_dlpa=0&ns_st_pa=9061&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105302529&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-33.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: u2_BegmK1ySf_UryZmEHSvYEx74RGwJNIr_1Qm3giuOiqfAhMzzhOA==
date: Wed, 16 Oct 2024 19:01:43 GMT
content-type: image/gif
x-amz-cf-pop: JFK50-P1

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
496 B 1321ms
48ms Image
image/gif 108.139.47.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729105289202&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_psq=2&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=2&ns_st_ev=play&ns_st_po=0&ns_st_cl=57000&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ci=3921185&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=9061&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729105302530&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&ns_st_ti=*null&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.henryherald.com%2F&c8=henryherald.com&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-33.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.henryherald.com/

Response headers

accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: fZgMgSqHimszyBkuGHT9MVHrHUlHdis2geTDhxinFc80krh5HdoHHA==
date: Wed, 16 Oct 2024 19:01:43 GMT
content-type: image/gif
x-amz-cf-pop: JFK50-P1

POST
H2 200 ads Show response
selector.voltaxam.com/ 125 B
618 B 176ms
96ms Fetch
application/json 18.173.132.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-82.jfk52.r.cloudfront.net
Software: /
Resource Hash: e378b2eb4abc4575efe88ec83a18014028a3cff1025ff188ac171dc8e9b6ac17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.henryherald.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: sfiQQ9zhz-XQt5vV13yWccVTn31Ii9PF84vWp2gF6Gy8HthLwK6aNA==
date: Wed, 16 Oct 2024 19:01:44 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d3uvwl4wtkgzo1.cloudfront.net
URL: https://d3uvwl4wtkgzo1.cloudfront.net/8a9003e0-58e0-4430-ad2d-f4cfb40e4f89.js

Domain: www.legacy.com
URL: https://www.legacy.com/widgetloader/widgetLoader.js?type=ROV1&ld=true&ot=7&cnt=3&sw=1&rc=0&aid=4653

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Domain: sync.smartadserver.com
URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26sas_uid%3D%5bsas_uid%5d&gdpr=0

Domain: factor-service.prod.voltaxservices.io
URL: https://factor-service.prod.voltaxservices.io/factors?mmPlayerLvl1=ca:desktop:www.henryherald.com:chrome:linux:%2f92056281%2fessentiallysports-premium:01j6f2kbrf30ac87ee

Domain: factor-service.prod.voltaxservices.io
URL: https://factor-service.prod.voltaxservices.io/ssps?mmPlayerLvl1=FLOOR:ca:desktop:www.henryherald.com:chrome:linux:%2f92056281%2fessentiallysports-premium:01j6f2kbrf30ac87ee

Domain: pb-rtd-minutemedia.ccgateway.net
URL: https://pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/2960f87904?profile_id=7b110aeb-6305-4001-9bdd-d4460bf07f05&url=https%253A%252F%252Fwww.henryherald.com%252F&eid=audigent.com%3A060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2&context=true&audience=true&deal_ids=true&custom_taxonomy=true

Domain: prediction.voltaxam.com
URL: https://prediction.voltaxam.com/player/creatives/prebid

Domain: prediction.voltaxam.com
URL: https://prediction.voltaxam.com/player/predict

Domain: factor-service.prod.voltaxservices.io
URL: https://factor-service.prod.voltaxservices.io/dcd?au=/92056281,53302672/henryherald-premium

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP%26auid%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP

Domain: d.turn.com
URL: https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001729105284-ZO8LXXYM-6PWP

Domain: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/wid/10578.jsx?b=1729105291627&on=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tLw==&callback=jsonp10578

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/instream/video/client.js

Domain: id5-sync.com
URL: https://id5-sync.com/c/914/434/4/5.gif?puid=a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a&gdpr=0&gdpr_consent=

Domain: pixels.ad.gt
URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=8e4e358b8150f2c2401743eff9deaa33&url=https%3A%2F%2Fwww.henryherald.com%2F&code=%27none%27

Domain: pixels.ad.gt
URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=45a9cc5cc7318a4acdcbf13539e08aa1&url=https%3A%2F%2Fwww.henryherald.com%2F&code=%27none%27

Domain: chambermaster.blob.core.windows.net
URL: https://chambermaster.blob.core.windows.net/images/chambers/1272/ChamberImages/logo/200x200/Chamber-Logo2-(Converted)---Vertical-PMS-541.jpg

Domain: 8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com
URL: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/api/demand/?w=280821&us_privacy=1---

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre

Domain: 8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com
URL: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: 8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com
URL: https://8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: vtrk.doubleverify.com
URL: https://vtrk.doubleverify.com/?v=1&t=event&ctx=22922297&cmp=DV764542&cid=1bd8f5f2-9726-4800-b448-ef6226fe7647&ec=vpaid&ea=dv-res-allow&el=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2Fe5adc88ac5b9e7c5%2Fitag%2F347%2Fsource%2Fweb_video_ads%2Fxpc%2FEgVovf3BOg%253D%253D%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3872243313%2Fsparams%2Fid%2Citag%2Csource%2Cxpc%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F6447FA0285E3786799A5B9E48111A24636D5EFCC.579630877379824490B135167A679D52094DE031%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.26.1%2Bjs&cd107=complete&cd109=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd111=wrapper&cd112=VastError%3A303&cd116=vast%3Adoubleclick.net%3A-1%3A1%3A0%2Cvast%3Apubads.g.doubleclick.net%3A400%3A0%3A1&cd117=-1&cd119=100&cd120=1&cd121=1&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd160=41764721&cd161=2493080555&cd162=6697536658&cd163=138469832834&cd164=%2F92056281%2Fhenryherald-premium&cd165=22329899714&cd166=480x270&cd169=1&cd170=166&cd171=www.henryherald.com&cd182=vpaid-transformer%400.26.1&cd183=dvps_2024-10-16_84491518f_noconf&cd187=84491518f&cd188=YYZ&cd189=cloudflare&cd197=decision&cm100=1005&cm101=565&cm104=-2&cm105=1024&cm106=576&cm107=2098&cm108=-1&cm109=10240&cm110=415&cm111=415&cm112=1005&cm113=565&cm114=0&cm115=106&cm116=417&cm117=418&cm119=419&cm120=420&cm167=15&cm180=2&cm181=2&z=17291052987177522649

Domain: vtrk.doubleverify.com
URL: https://vtrk.doubleverify.com/?v=1&t=event&ctx=22922297&cmp=DV764542&cid=1bd8f5f2-9726-4800-b448-ef6226fe7647&ec=vpaid&ea=AdLoaded&el=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2Fe5adc88ac5b9e7c5%2Fitag%2F347%2Fsource%2Fweb_video_ads%2Fxpc%2FEgVovf3BOg%253D%253D%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3872243313%2Fsparams%2Fid%2Citag%2Csource%2Cxpc%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F6447FA0285E3786799A5B9E48111A24636D5EFCC.579630877379824490B135167A679D52094DE031%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.26.1%2Bjs&cd107=complete&cd109=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd111=wrapper&cd112=VastError%3A303&cd116=vast%3Adoubleclick.net%3A-1%3A1%3A0%2Cvast%3Apubads.g.doubleclick.net%3A400%3A0%3A1&cd117=-1&cd119=100&cd120=1&cd121=1&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd160=41764721&cd161=2493080555&cd162=6697536658&cd163=138469832834&cd164=%2F92056281%2Fhenryherald-premium&cd165=22329899714&cd166=480x270&cd169=1&cd170=166&cd171=www.henryherald.com&cd182=vpaid-transformer%400.26.1&cd183=dvps_2024-10-16_84491518f_noconf&cd187=84491518f&cd188=YYZ&cd189=cloudflare&cm100=1005&cm101=565&cm104=-2&cm105=1024&cm106=576&cm107=2098&cm108=-1&cm109=10240&cm110=418&cm111=3&cm112=1005&cm113=565&cm114=0&cm115=106&cm116=417&cm117=418&cm119=419&cm120=420&cm167=15&cm180=2&cm181=2&cm182=414&z=17291052987199603474

Domain: gcdn.2mdn.net
URL: https://gcdn.2mdn.net/videoplayback/id/e5adc88ac5b9e7c5/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3872243313/sparams/id,itag,source,xpc,ctier,acao,ip,ipbits,expire/signature/6447FA0285E3786799A5B9E48111A24636D5EFCC.579630877379824490B135167A679D52094DE031/key/ck2/file/file.mp4

Domain: gcdn.2mdn.net
URL: https://gcdn.2mdn.net/videoplayback/id/e5adc88ac5b9e7c5/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3872243313/sparams/id,itag,source,xpc,ctier,acao,ip,ipbits,expire/signature/6447FA0285E3786799A5B9E48111A24636D5EFCC.579630877379824490B135167A679D52094DE031/key/ck2/file/file.mp4

Domain: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements6813.js

Domain: pb-ing-minutemedia.ccgateway.net
URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load

Domain: pb-ing-minutemedia.ccgateway.net
URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/openrtb2/auction

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: hb.undertone.com
URL: https://hb.undertone.com/hb?pid=3590&domain=henryherald.com&gdpr=0&gdprstr=&ccpa=1---&gpp=&gpp_sid=-1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33860057&componentId=prebid&componentSubId=mustang&timestamp=1729105302386&_fw_bidfloor=0&_fw_bidfloorcur=&pbjs_version=9.9.0&pKey=-1744102651&_fw_gdpr_consent=undefined&_fw_gdpr=false&_fw_us_privacy=1---&gpp=&gpp_sid=-1&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22STN_0004824%22%2C%22hp%22%3A1%7D%5D%7D&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.henryherald.com%2F&playerSize=1005x565&video_context=instream&video_placement=3&video_plcmt=2

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=9.9.0&referrer=https%3A%2F%2Fwww.henryherald.com%2F&tmax=5000&gdpr=false&us_privacy=1---

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/exchange/prebidvideo

Domain: report2.hb.brainlyads.com
URL: https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1273

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkqDfmMuTiQMVQsnjBx2SBSJ0EAEYACC-m9ZqSABQOljOdWDJ8sIPaLuus8EB;dc_eps=AHas8cB8LLO9Q0Sq5E3jiBsltfqXI0XLHuJfUYtD8y2FoWPdA0w8L76D0a7bGUZ2lLA1Ktnyp9e-FmWG0iyRjYxNmS8;met=1;ecn1=1;etm1=0;eid1=200015;errorcode=900

Domain: vtrk.doubleverify.com
URL: https://vtrk.doubleverify.com/?v=1&t=event&ctx=22922297&cmp=DV764542&cid=1bd8f5f2-9726-4800-b448-ef6226fe7647&ec=vpaid&ea=AdError&el=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd10=405&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2Fe5adc88ac5b9e7c5%2Fitag%2F347%2Fsource%2Fweb_video_ads%2Fxpc%2FEgVovf3BOg%253D%253D%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3872243313%2Fsparams%2Fid%2Citag%2Csource%2Cxpc%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F6447FA0285E3786799A5B9E48111A24636D5EFCC.579630877379824490B135167A679D52094DE031%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.26.1%2Bjs&cd107=complete&cd109=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x360%26iu%3D%2F7326%2C22597733940%2Fen.sendtonews.web%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.henryherald.com%252F%26description_url%3Dhttps%3A%2F%2Fwww.sendtonews.com%2F%26cust_params%3Dstn_sport%253Dbaseball%2526stn_site%253Dhenryherald.com%26correlator%3D1811303728&cd110=VAST%20error%20405%3A%20Video%20Playback%20Error%3A%20MEDIA_ERR_SRC_NOT_SUPPORTED%20-%20MEDIA_ELEMENT_ERROR%3A%20Format%20error&cd111=wrapper&cd112=VastError%3A303&cd116=vast%3Adoubleclick.net%3A-1%3A1%3A0%2Cvast%3Apubads.g.doubleclick.net%3A400%3A0%3A1&cd117=-1&cd119=100&cd120=1&cd121=1&cd137=YNNY&cd138=1&cd139=1&cd140=NYNNN&cd160=41764721&cd161=2493080555&cd162=6697536658&cd163=138469832834&cd164=%2F92056281%2Fhenryherald-premium&cd165=22329899714&cd166=480x270&cd169=1&cd170=166&cd171=www.henryherald.com&cd182=vpaid-transformer%400.26.1&cd183=dvps_2024-10-16_84491518f_noconf&cd187=84491518f&cd188=YYZ&cd189=cloudflare&cm100=1005&cm101=565&cm104=-2&cm105=1024&cm106=576&cm107=2098&cm108=-1&cm109=10240&cm110=4114&cm111=3696&cm112=1005&cm113=565&cm114=0&cm115=106&cm116=417&cm117=418&cm119=419&cm120=420&cm167=15&cm180=2&cm181=2&cm182=414&cm183=7&cm184=2&z=17291053024159160715

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 09:48:39	Name: pid Value: 8916077529882178875
.henryherald.com/	1970-01-21 09:04:01	Name: FCNEC Value: %5B%5B%22AKsRol-aWb9bzuxj4b8BB-xNIFfa0SAl0pIgFmTyJNyEgY0q6Bc_nRiJBcWFy42flZZ0FOZUtO7tfLW6Lxb-LBUIrnifIzPlgllOrSvyMH0_K_nASHDY94kmV7CJyawlehirSMa_88GS4c00P29hSugSeEJx0Ky0GQ%3D%3D%22%5D%5D
.henryherald.com/	1970-01-21 09:04:01	Name: ajs_anonymous_id Value: e8060002-2677-44ab-965a-0c16d386c2ec
.33across.com/	1970-01-21 09:04:01	Name: check Value: true
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.henryherald.com/	1970-01-21 09:04:01	Name: _au_1d Value: AU1D-0100-001729105284-ZO8LXXYM-6PWP
.crwdcntrl.net/	1970-01-21 06:47:13	Name: _cc_id Value: 9a6b89caf370a0eb3b6ccf23c309e493
.henryherald.com/	1970-01-21 06:47:13	Name: _cc_id Value: 9a6b89caf370a0eb3b6ccf23c309e493
.henryherald.com/	1970-01-21 00:19:51	Name: panoramaId_expiry Value: 1729191683902
.henryherald.com/	1970-01-21 09:54:25	Name: _ga Value: GA1.2.1023424955.1729105281
.henryherald.com/	1970-01-21 00:19:51	Name: _gid Value: GA1.2.691512822.1729105284
.adsrvr.org/	1970-01-21 09:04:01	Name: TDID Value: 2d3729d5-b806-4067-822d-2decd7d2b6d0
.pubmatic.com/	1970-01-21 02:28:01	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-21 09:04:01	Name: KADUSERCOOKIE Value: FB66445C-C3F3-44ED-8C0A-4EBDD069BC32
.doubleclick.net/	1970-01-21 09:54:25	Name: IDE Value: AHWqTUla93G4Bj7Mw79pCwA-DZpoylr64BsSLGJU_YJQ1lNFwjOWhoT5S68MaIsb
.ad.gt/	1970-01-21 09:04:01	Name: au_id Value: AU1D-0100-001729105284-ZO8LXXYM-6PWP
.tapad.com/	1970-01-21 01:44:49	Name: TapAd_TS Value: 1729105285159
.tapad.com/	1970-01-21 01:44:49	Name: TapAd_DID Value: 9f4b967b-9b8a-4009-b171-1f34dcaedc2e
.tapad.com/	1970-01-21 01:44:49	Name: TapAd_3WAY_SYNCS Value: 1!6979
.rubiconproject.com/	1970-01-21 09:04:01	Name: khaos Value: M2C8N52L-8-IANZ
.rubiconproject.com/	1970-01-21 09:04:01	Name: khaos_p Value: M2C8N52L-8-IANZ
.criteo.com/	1970-01-21 09:40:01	Name: uid Value: 221552d3-2ac5-4577-b0f3-a94aeea54cf6
.criteo.com/	1970-01-21 09:40:01	Name: receive-cookie-deprecation Value: 1
.henryherald.com/	1970-01-21 09:40:01	Name: cto_bundle Value: dWjKsF9pMUJ1azV4QkZSeG5OT0RLdE5ENERHVzdvSUZaaXdsUkZuN1BFSjNjUFhtREdFQXdYOURUSUZjc1BoSjVkeSUyQklUcGhUcDNtd1pGaXNKYUt1aWJrSTdhWVpjeWNhUU11QkRaUVByNzBBRFRndDYlMkZJblFIQkhRcVNtWGxSOWtFTEZ2ZGp3NGpNVlZ2VlZYYUI1VWtsUFd2QUpta05HM0ZPNDNuMUNYc2E4ZXFVJTNE
.adnxs.com/	1970-01-21 02:28:01	Name: XANDR_PANID Value: wqd2sdtqWqLLGwPRxKGj674HbVHMCUnM0iEyi778TiStIUoaR5V8gT0ZgO51OFBCRpxjCGTUwFMYQQ5vLPxnfWoOehJ4bc8_BRKpCXv4Fzw.
.adnxs.com/	1970-01-21 09:54:25	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:28:01	Name: uuid2 Value: 8539633969967250559
.issuu.com/	1970-01-21 04:37:37	Name: iutk Value: 42229f7a-de73-408d-ba34-2633396cf274
.360yield.com/	1970-01-21 02:28:01	Name: tuuid Value: cec14f94-bebb-4311-8644-c7c929151504
.360yield.com/	1970-01-21 02:28:01	Name: tuuid_lu Value: 1729105289
.colossusssp.com/	1970-01-21 09:04:01	Name: gtm_usr Value: d81c5494-fcca-4936-a151-ff9a19b1ea8d
.colossusssp.com/	1970-01-21 09:04:01	Name: lmg_r Value: 66
.onetag-sys.com/	1970-01-21 09:48:11	Name: OTP Value: 9xZAXoNM7vWFWavm1ajZHavxB5U7UPIhWKELyuZEofY
.go.sonobi.com/	1970-01-21 09:04:01	Name: __uis Value: a4c8f263-ad69-4e9a-bb33-e6e4e276ac3a
.demdex.net/	1970-01-21 04:37:37	Name: demdex Value: 44798942743196665340047150774923446324
.contextweb.com/	1970-01-21 08:56:49	Name: V Value: EaEUmMnk2Wkt
.contextweb.com/	1970-01-21 08:56:49	Name: VP Value: part_EaEUmMnk2Wkt
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: feb17ed6a3090df4
.dpm.demdex.net/	1970-01-21 04:37:37	Name: dpm Value: 44798942743196665340047150774923446324
.henryherald.com/	1970-01-21 09:40:01	Name: __gpi Value: UID=00000f2ab9501a88:T=1729105292:RT=1729105292:S=ALNI_MbQ4__I-oyC1EEOSVQW4AbQ8KnTxg
.henryherald.com/	1970-01-21 04:37:37	Name: __eoi Value: ID=18a7672fb49fbd27:T=1729105292:RT=1729105292:S=AA-Afjat1vqdZq3HvaNNKvZwW0NE
.henryherald.com/	1969-12-31 23:59:59	Name: tncms_csrf_token Value: 9c2b210a5dc642d6ef268ce20f36978640553bb29045be72c9f44ff5235834f9.f657ddd2fb0f1187d24a
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xZICuW_yPeo
.youtube.com/	1970-01-21 04:37:37	Name: VISITOR_INFO1_LIVE Value: LdLV8O6NDoY
.youtube.com/	1970-01-21 04:37:37	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgWg%3D%3D
.amazon-adsystem.com/	1970-01-21 09:54:25	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-21 06:29:56	Name: ad-id Value: A3AQfZYu50SFodzSrwKhDQU
.henryherald.com/	1970-01-21 09:40:01	Name: __gads Value: ID=573db825ea19bcd2:T=1729105292:RT=1729105292:S=ALNI_MYSVVQY-ODbXW9Cw0-OyTNwD4_Kzg
.id5-sync.com/	1970-01-21 02:28:01	Name: id5 Value: 1ce11447-f0e5-7148-83d3-2748a4b6255b#1729105283154#3
.yieldmo.com/	1970-01-21 09:04:01	Name: yieldmo_id Value: Vey5VMM6r5MxlaXKrLzn%7C1729036800000%7C0
.ads.yieldmo.com/	1970-01-21 09:04:01	Name: re_sync Value: rc%3D1201607%7Cunl%3D1201607%7Ct%3D1201607%7Ctapad%3D1201607%7Can%3D1201607
.yellowblue.io/	1970-01-21 01:01:37	Name: wrvUserID Value: uH48jFHrC
.quantserve.com/	1970-01-21 09:48:39	Name: mc Value: 67100d8d-9356f-e7559-ef35a
.sharethrough.com/	1970-01-21 01:01:37	Name: stx_user_id Value: dca82aa5-7c95-448a-945b-2bd48b9e4cad
.bidr.io/	1970-01-21 09:46:58	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-21 09:46:58	Name: bito Value: AACzZE7OIBsAABSIBuci2A
.smaato.net/	1970-01-21 00:48:39	Name: SCMaps Value: 1f779dbb57
.smaato.net/	1970-01-21 00:48:39	Name: SCM Value: e222c3afc4
.smaato.net/	1970-01-21 00:48:39	Name: SCMrise Value: e222c3afc4
.id5-sync.com/	1970-01-21 02:28:01	Name: 3pi Value: 2#1729105293523#-1744232515#8539633969967250559\|264#1729105293275#-2059849676#2d3729d5-b806-4067-822d-2decd7d2b6d0\|108#1729105293820#-1474384072
.33across.com/	1970-01-21 09:04:01	Name: 33x_ps Value: u%3D212840013777464%3As1%3D1729105293956%3Ats%3D1729105293956
.openx.net/	1970-01-21 09:04:01	Name: i Value: e82ba2f2-0f5e-088a-3cf1-2d2b24d6768c\|1729105294
.henryherald.com/	1970-01-21 09:54:25	Name: _ga_4T2EB147B8 Value: GS1.1.1729105281.1.1.1729105294.47.0.0
.henryherald.com/	1970-01-21 09:54:25	Name: _ga_YV9PEL9JN5 Value: GS1.1.1729105281.1.1.1729105294.0.0.0
.gumgum.com/	1970-01-21 09:04:01	Name: vst Value: u_50ff9827-207c-4a04-abf6-19b9c27b98b5
.ads.yieldmo.com/	1970-01-21 09:04:01	Name: ptrunl Value: OPTOUT
sync.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id Value: s%3A0-bf02db40-4ee5-5757-5e71-752155e32311.nuVdo5K3ZhoZYC4QEht3N01N9FY%2BQK8uPoDQJMsK0jQ
.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id Value: s%3A0-bf02db40-4ee5-5757-5e71-752155e32311.nuVdo5K3ZhoZYC4QEht3N01N9FY%2BQK8uPoDQJMsK0jQ
sync.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id-v2 Value: s%3AvwLbQE7lV1decXUhVeMjEZovESk.wjDU0S37jE%2FDQbEiy8KNicZ7kk8uFbXen57J35sI%2BOw
.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id-v2 Value: s%3AvwLbQE7lV1decXUhVeMjEZovESk.wjDU0S37jE%2FDQbEiy8KNicZ7kk8uFbXen57J35sI%2BOw
sync.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id-v3 Value: s%3AAQAKINb80PEcZzyaSHd3zGAs06Qw7WfU5EZ22vRgwef3UnHfEGcYBCCOm8C4BjABOgS9RxseQgQQkYUv.yqeK1%2BSQ8OI9%2FHgaF4KhrMxmVH6hKyumk8nUFXGhtpI
.srv.stackadapt.com/	1970-01-21 09:04:01	Name: sa-user-id-v3 Value: s%3AAQAKINb80PEcZzyaSHd3zGAs06Qw7WfU5EZ22vRgwef3UnHfEGcYBCCOm8C4BjABOgS9RxseQgQQkYUv.yqeK1%2BSQ8OI9%2FHgaF4KhrMxmVH6hKyumk8nUFXGhtpI
.socdm.com/	1970-01-21 09:54:25	Name: SOC Value: ZxANj8Co8GwAAIvDSy8AAAAA
.bidswitch.net/	1970-01-21 09:04:01	Name: tuuid Value: ec3aacfd-c2be-4624-8433-6c1b52ebeab5
.bidswitch.net/	1970-01-21 09:04:01	Name: c Value: 1729105296
.bidswitch.net/	1970-01-21 09:04:01	Name: tuuid_lu Value: 1729105296
www.henryherald.com/	1970-01-21 01:01:37	Name: _pbjs_userid_consent_data Value: 6683316680106290
.rubiconproject.com/	1970-01-21 02:28:01	Name: receive-cookie-deprecation Value: 1
.ads.yieldmo.com/	1970-01-21 09:04:01	Name: ptrrc Value: M2C8N52L-8-IANZ
.yahoo.com/	1970-01-21 09:04:22	Name: A3 Value: d=AQABBJENEGcCEEH_s4wuxFABwJ-2bs8sSeIFEgEBAQFfEWcZZwAAAAAA_eMAAA&S=AQAAAh0ACVxhHQxgq0esLzMGuiQ
.lijit.com/	1970-01-21 09:04:01	Name: ljt_reader Value: Jge1APZHwHKHJwthSkWO1Mxv
.creativecdn.com/	1970-01-21 09:04:01	Name: ts Value: 1729105297
.creativecdn.com/	1970-01-21 09:04:01	Name: g Value: u7cysi5o11wltBX3z1r7_1729105297889
.lijit.com/	1970-01-21 09:04:01	Name: ljtrtbexp Value: eJyrVjI0U7IyNDc2MDY0sbA011GyMEDjm6LyjcxBfCNLc0MDAxDf0ghZvhYAm2gQZg%3D%3D
.smaato.net/	1970-01-21 00:48:39	Name: SCMsovrn Value: e222c3afc4
.scorecardresearch.com/	1970-01-21 09:40:01	Name: UID Value: 171849aac2dde2ea67118e41729105298
.scorecardresearch.com/	1970-01-21 09:40:01	Name: XID Value: 171849aac2dde2ea67118e41729105298
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_108 Value: e222c3afc4
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_85 Value: AACzZE7OIBsAABSIBuci2A
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_80 Value: M2C8N52L-8-IANZ
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_27 Value: 2d3729d5-b806-4067-822d-2decd7d2b6d0
.openx.net/	1970-01-21 00:40:01	Name: pd Value: v2\|1729105298\|vMbwuYgag2hEvPkWgyiK
.ads.yieldmo.com/	1970-01-21 09:04:01	Name: ptrt Value: 2d3729d5-b806-4067-822d-2decd7d2b6d0
.adsrvr.org/	1970-01-21 09:04:01	Name: TDCPM Value: CAESFAoFdGFwYWQSCwj6tb3x3oe3PRAFEhsKDHNoYXJldGhyb3VnaBILCNCow_Xfh7c9EAUYASABKAIyCwjMnsai9oe3PRAFOAFaDHNoYXJldGhyb3VnaGAC
.rlcdn.com/	1970-01-21 09:04:01	Name: rlas3 Value: 68CmtfWv2k54vjdNRRRKKiCT1LY+ud/XoSeBnulO8Yo=
.rubiconproject.com/	1970-01-21 09:04:01	Name: audit_p Value: 1\|EPmDcO/Ah0w1T9DNuN4MaFvJjV5kxXpsYw5T3zSZ/EC6DKtRtV0yeyne1jUxv6TzyrfrghfMM6HyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXeoZdd251EpF4HkUNZeCZCjD8f6N4+BrGBh1bPo7S4OYPDxny9O7hNPVHjylZIeXA8g3IVFsQqk
.rubiconproject.com/	1970-01-21 09:04:01	Name: audit Value: 1\|EPmDcO/Ah0w1T9DNuN4MaFvJjV5kxXpsYw5T3zSZ/EC6DKtRtV0yeyne1jUxv6TzyrfrghfMM6HyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXeoZdd251EpF4HkUNZeCZCjD8f6N4+BrGBh1bPo7S4OYPDxny9O7hNPVHjylZIeXA8g3IVFsQqk
.rlcdn.com/	1970-01-21 01:44:49	Name: pxrc Value: CJObwLgGEgUI6AcQABIFCOhHEAA=
.sitescout.com/	1970-01-21 09:04:01	Name: ssi Value: 1dc04380-615c-4bad-b693-ac293b07db0c#1729105299361
.linkedin.com/	1970-01-21 09:04:01	Name: bcookie Value: "v=2&d6aa7d74-4b3d-4e4a-8b78-2853886a185c"
.linkedin.com/	1970-01-21 00:19:51	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2958:u=1:x=1:i=1729105299:t=1729191699:v=2:sig=AQG9qyZbMgl5jfYax7IADzHr_aQG1gpU"
.deepintent.com/	1970-01-21 09:54:25	Name: CDIPARTNERS Value: %7B%221%22%3A%2220241016%22%7D
.deepintent.com/	1970-01-21 09:54:25	Name: CDIUSER Value: di_e36ade1b28a74463b6a2e
.pippio.com/	1970-01-21 09:04:01	Name: did Value: JiGbgKasGTxRK-UU
.pippio.com/	1970-01-21 09:04:01	Name: didts Value: 1729105300
.pippio.com/	1970-01-21 01:44:49	Name: nnls Value:
.pippio.com/	1970-01-21 01:44:49	Name: pxrc Value: CAA=
.ads.yieldmo.com/	1970-01-21 09:04:01	Name: ptrpp Value: EaEUmMnk2Wkt
.sitescout.com/	1970-01-21 01:01:37	Name: _ssuma Value: eyI0OCI6MTcyOTEwNTI5OTQxNCwiMTUiOjE3MjkxMDUyOTk0OTksIjI3IjoxNzI5MTA1MzAxNTM0LCIzOSI6MTcyOTEwNTI5OTQxNCwiNyI6MTcyOTEwNTI5OTQxNH0
.lijit.com/	1970-01-21 09:04:01	Name: ljtrtb Value: eJwVyjEOwjAMBdC7eMZS%2BG1iw%2BZUHSJBGdi60bhInRELiLs3rE%2FvSxA6E7wTnDzyoiFxH5KwAs7wtbo4luSBDqSh3SsGnSIurFxsmhsfgzZfAdTu8az9f8YmZsNnHuVW8sss30t%2B1w1Gvx1vVB0G
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_49 Value: EaEUmMnk2Wkt
.lijit.com/	1970-01-21 09:04:01	Name: _ljtrtb_84 Value: c:20dc7c841294dd916848c34b2b1ada7e
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8693\|ZxANm
.adform.net/	1970-01-21 01:03:03	Name: C Value: 1
.adform.net/	1970-01-21 01:44:49	Name: uid Value: 8168626276491927021
www.henryherald.com/	1970-01-21 02:26:06	Name: ccuid Value: 61fa16a6-d81b-497c-bfb6-c7cca2ffbef6
.dotomi.com/	1970-01-21 00:18:25	Name: DotomiTest Value: 7d42fd46b00f107d
.contextweb.com/	1970-01-21 09:04:01	Name: pb_rtb_ev Value: 3-1u8e\|4is.0.CAESEFF6AAmL9QtsVIom47XZcDU\|7TZ.0.1\|7dW.0.1\|2N.0.AQAEv9jkP3PWIAI0f4e7AQEBAQEBAQCTl7QSEAEBAJOXtBIQ\|3oy.0.1dc04380-615c-4bad-b693-ac293b07db0c-67100d93-5553\|7bq.0.1\|8i8.0.1
.contextweb.com/	1970-01-21 09:04:01	Name: pb_rtb_ev_part Value: 3-1u8e\|4is.0.CAESEFF6AAmL9QtsVIom47XZcDU\|7TZ.0.1\|7dW.0.1\|2N.0.AQAEv9jkP3PWIAI0f4e7AQEBAQEBAQCTl7QSEAEBAJOXtBIQ\|3oy.0.1dc04380-615c-4bad-b693-ac293b07db0c-67100d93-5553\|7bq.0.1\|8i8.0.1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.legacy.com/widgetloader/widgetLoader.js?type=ROV1&ld=true&ot=7&cnt=3&sw=1&rc=0&aid=4653 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixe7ju6a65697ggf776kld6chgkgd7gjuom2wi0f0y062qqp320y0k0isqzrk2&gdpr=0 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js Message: Unrecognized feature: 'web-share'.
network	error	URL: https://pbs.nextmillmedia.com/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad.360yield.com
ade.googlesyndication.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
api.segment.io
assets.revcontent.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.newyork1.vip.townnews.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.segment.com
cdnjs.cloudflare.com
cdnmedia.sendtonews.com
chambermaster.blob.core.windows.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
d.turn.com
d3uvwl4wtkgzo1.cloudfront.net
dpm.demdex.net
e.issuu.com
embed.sendtonews.com
events3.bqstreamer.com
factor-service.prod.voltaxservices.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gajobsource.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
henrycounty.chambermaster.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
invstatic101.creativecdn.com
japfg-trending-content.appspot.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lexicon.33across.com
lh3.googleusercontent.com
match.adsrvr.org
mp.mmvideocdn.com
oa.openxcdn.net
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pb-ing-minutemedia.ccgateway.net
pb-rtd-minutemedia.ccgateway.net
pbs.nextmillmedia.com
pixel.tapad.com
pixels.ad.gt
prebid-server.rubiconproject.com
prediction.voltaxam.com
prg.smartadserver.com
proton.ad.gt
pubads.g.doubleclick.net
report2.hb.brainlyads.com
s.amazon-adsystem.com
s0.2mdn.net
s2l.sendtonews.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
selector.voltaxam.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
sync.smartadserver.com
tags.crwdcntrl.net
targeting.unrulymedia.com
td.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
u.openx.net
us-u.openx.net
video.doubleverify.com
vtrk.doubleverify.com
www.americanhometownmedia.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
www.gstatic.com
www.henryherald.com
www.justapinch.com
www.legacy.com
www.mdjonline.com
www.youtube.com
yeet.revcontent.com
8650ff432ddd309d15a15e415a062d46.safeframe.googlesyndication.com
ade.googlesyndication.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
btlr.sharethrough.com
cdn-p.cityspark.com
cdn.doubleverify.com
cdn.jsdelivr.net
chambermaster.blob.core.windows.net
d.turn.com
d3uvwl4wtkgzo1.cloudfront.net
factor-service.prod.voltaxservices.io
gcdn.2mdn.net
hb.undertone.com
ib.adnxs.com
id5-sync.com
pb-ing-minutemedia.ccgateway.net
pb-rtd-minutemedia.ccgateway.net
pixels.ad.gt
prebid-server.rubiconproject.com
prediction.voltaxam.com
prg.smartadserver.com
report2.hb.brainlyads.com
s0.2mdn.net
sync.smartadserver.com
targeting.unrulymedia.com
tlx.3lift.com
trends.revcontent.com
u.openx.net
vtrk.doubleverify.com
www.legacy.com
104.16.133.24
104.17.25.14
104.18.166.97
104.18.35.167
104.18.36.155
104.18.43.90
104.22.4.69
104.22.53.173
104.22.53.86
104.26.3.103
108.138.106.56
108.138.106.70
108.138.128.46
108.139.47.33
108.139.48.9
13.226.38.199
13.35.93.31
130.211.10.17
141.95.33.120
141.95.98.65
142.250.176.193
142.250.31.155
142.250.64.98
142.250.65.170
142.250.65.193
142.250.65.194
142.250.65.206
142.250.65.227
142.250.72.110
142.250.72.98
142.250.80.104
142.250.80.34
142.250.80.54
142.250.80.67
142.251.32.110
142.251.35.170
142.251.40.142
142.251.40.148
142.251.40.194
142.251.40.195
142.251.40.202
142.251.40.98
151.101.65.55
152.195.19.97
172.240.155.116
172.64.151.101
172.67.23.234
18.164.111.42
18.164.124.94
18.173.132.82
18.233.80.206
18.238.55.120
18.238.63.215
18.238.80.114
18.238.80.124
192.104.183.109
192.104.183.209
207.65.37.179
216.17.94.178
216.239.32.3
216.239.36.181
23.203.179.38
23.45.193.13
23.55.235.217
3.209.42.86
3.222.126.88
3.232.0.61
3.33.220.150
34.102.146.192
34.111.113.62
34.120.58.62
34.96.70.87
34.98.64.218
35.166.70.59
35.244.159.8
35.244.193.51
35.81.90.104
50.21.179.247
51.222.39.187
51.81.244.170
52.216.145.69
52.42.22.207
54.158.203.65
68.67.161.182
69.166.1.67
69.173.151.100
69.194.240.13
74.119.117.17
74.119.117.4
74.214.194.131
8.28.7.83
98.82.157.231
01508050cebd845124748ef50cf6d83076278ef1bdace1fab62da9f3b9f12b73
017dd0aa14a990abfa92d4aee07a2b0f478c589e43dbd21ee7cf25d41fecf072
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083c58ad495e46056f83cab3c7704eeb7c7f780ccdfe25522c35cadd9d401a0b
0a9b9016eaa078cb8dfabad9d61b69ed6fdae1339ccb81c209fdf958f608e425
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb306b593b894cf55795f58dfc6582e18e2cec83da332a36394c5efce56d3fe
0fd63aadd0d80e084e1a8621b4e385947e8353f02390e07b485823af11074591
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
137320c2305b2aca3dc620bfa157928e9010ece0056668e9a7ad5436a808b7b2
1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
190ad2ed715fa6405d9b9452ab8cf3af8e5128f7f44fc3c9a9ef6fa6c87c49e3
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1b4345ca589a04a4012a06e6a6efc02622fee36a7879f2863628d79947b11b4f
1b53cc35f15a6e6c3e31df71e326e646d6989aec3917c656962a9736a5586297
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38
1db92894e91902a539a934ca0eea6e0a231aac1bfad83aaae60c6a7a74b46f40
1dd93cf8910d7c7a5815b85c0d5b3ec80f062d5802567090fd79e31a1583c51e
1ff2f991d150ca93a6be3e3683014d7aaf00ddbfb15d4093bb72aacc466a8464
20655dabdcba99b9944db241c23280db3e0a7fe0045648e9f079dc227e56e29f
225bae0e307129c867c2d2fc3a9826581d797b1e7abd35a202cf47e0983991b0
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
25d8156ac83ab2c9d4dc8c43c296272815f1e3a1defcabc8392c8f44246418a2
26dd7e9b07a8f0d0622bb594a9af1f9ba33d65999bec26bc573e1f4c27c9a4a6
276423acf1aeaef39ade1c02300ad086c3a346eafa13b171686f1efe3e6b518c
27f86bdabcd87ad014cc6cdb2fa1f70ac7ad4eb45bcbb9277b7d614a3beb2bed
290f5ee95f8d69c6896bbc422f2aa6216a1b1d1c7c9f7cf8611b19effe3e0381
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2a6189f8ee4035f048eaedb4744ef6300f362a90a1f7aa6906edeac2e8e49eb4
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2ab706225cbeeddc1125e9da8aa4ac1cb924fb4e44635591a451fcef25df1dce
2b706e515af46421d813f90c1e8d495811050607254bc3b032df8a1c88256b92
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2e8e4844ad1bd1b013d7e4e95587851d3cb0473ccffa908bf5ed37e3c921cd49
30b03856aa4b06101fb7e96d907728241e0b9cd698732442bf350e98a21a465e
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
3446800d89c735843e2da095bdff24d4f72821848ea065954f404df635b4b7c9
3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
376fae77a966c94c71a1b6766b901bc2728156af98bc9884594407fedda0b9a8
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37e6cc263346b4e690fae589c112933ce06b190c953dede3bdca4f6f0c2d9f2b
3a0c0c339e20a8bdf46447c07f6ce8a9a4b58ab104a4b9d17dab462acc4cbec1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bbced1bb3e86cc05b4729dd4f5e8fff6289cc06882a8265a98968b625f1a267
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f8039c88a4450c752cbe93c9917893aba2b4fa991fa092184ff6347eb7828fe
3fd4a89008db45e6eebd20ceb7169e4fe4ae10e29a0bfee5b9f73c96046dc18a
41ee6ab909674f99c6f3a489925bc056ae7f387da0c67b639975ae33807a6828
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4400dcabcd7df6c3c68207d7ab6451ad5c8e6d378b53d8318cdb5f40d65e1bdd
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
47301f282e8305d2fad65561ab614d591b38f523a688c4dd4e6db97b62a6148d
47313660cd0b1b4de6e9ddbdfd085ed67664a06bdf4a368ea96e764121dfa86e
4773b8181c2ae8d78001af7baa212e4e56337c9e948c4c3a5a40a73828195055
47b458d178d59aaf310eae0f2f5193a333ae9594a3339ca656e61f21b9493a10
48d35e8f6e4acdc47ecbc0561060dbd83f34c7c268ed49dad0a57ec5337fa587
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a2f7e500cb8c9e0ebe4cd3d32a451a04d3099640a668658f7567de806d8aee5
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50c9201fab5a8a851d4a225b1fdb97338c461b2aaee7357c235f26dfa7126168
52318e97b26ae1450bbc70c80465ba7152b6dfea531ac6e657f3801a885e1644
53b94e65768d49eda59af7f8c0f1ea06cae1bca8ff2697016f463818673df700
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
580924d319b7c6a1bad56bbba2c472b93c7cac7f6c37106b97abbc3f7b41e3f4
58fa2158df0d62fb6cd500195fc63b30e2ade951a0eb047571b516f6baf4a8b0
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5b24acc098a212e27a78f770054e005021089da389d56f9b9b1751649d0293b1
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885
5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2
5ef1ee376d130228c011db5d64084f454c6e82acd78bf95afd4ad512b0fee9c2
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
6552854c2a01e5f87acad2eb623a57a04889c39f16093ab44476da562bb8710d
68a6a1251605dd76925b15e3581c1f1477e3d69d142ba4a98932c2732a210c2e
68e8f43c950afadfbb7ed37ddf551f2467c1513959cbdcbd918a9ff55fb5aa65
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6ef7af6825dab9fc17277af764c79d2910919165ec48254a03eacde1d13aa9d0
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc
713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff
73fedefec9a793510e7041b5e6275ba26c135ef44682c504bd2a0b940fbed0ed
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
74f839c03bf60e8fdb077ac9fd821352ef2c5990fdc8587e77ca27093f2831bb
75419e603e249b257a21cf0544fcc352060a539b8141f53d9139facc034f8446
75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
778ddd4dd74db059c0b76267e415e95fca61d5396f6d485e3d7a75028f371fbd
7df60506c5f3ffefc8d5e37ee094f4f6dd236ddf086b5a10093326daf7110da3
7e372f27f6b86fb32edac34704eff12cf8bb051f98510c450ee94f0af9aaa45a
7ea384b3204c81b1b6ab4bf34284717ddd10d0577ad0fd336231ab24041f39f3
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
802d116e3f80c856dfef325dc70c70afcf573bbd807378c3dd74493c61aff5e2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
85f533abe3b5a38641f74df6b67d9af53dd013d060ab52becd0b41dddce6c757
86705d0284fc691f529ee35e72b753b97e0a1f3765963cb24d62cfa5e7b07fad
87767252cdad9bc33f0b331cd2cee841459fdb852f523511d3d6e6b7d043aac8
885abd095038d0b26ddf25b2d8dcb7821d1fcf71206af595bd9856b9219eaf89
8961f5c4bd305e75618ec23aebca6c4e4c3ad93ade20f6673a58172be4568d6e
89bc3dc894e0ed4accba396b418dc0095b15c4f9d106f4202c593064dda6aade
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8c25747b95d5c3241aaa1fe359079ac74307a2b00ca75b621959c4f056f1291a
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c
8f508ba3c552f04a5beba665d54025714c4da518fe98a00cd2f6655301f896b1
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90f64d1cc38ddf1f87072fda4949f973a898ea9a0d93a4ce2d0304a8bb02298c
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
95f5f0b3107249d432e553b9118a5d35d9966cf81d7d2137ed0e297f1d4401ac
979069acd9d6c281cbdc617e4db3e9757d2e964416d8da8b3b1d9f75a2685615
9db6f324c86b5c457a945e167955af382aaaf32a61f9cca92386a06c3e1e95be
9fd8ca0893346d09e7a7e4dacc00cffb9dc211698c5284affdd7534f667da7aa
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
9ff08936b71e869070240612df29c1d4e12f8ea55220ef91a163993196717b81
a36d75a092267e94b639bd52ac85868d9d7149b4df582fd7baa6bbcc53345ee2
a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf
a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
aa01293a36ab10fde336d52729e5095a11a412119e91f041bd8adfbca97c6cc2
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b031c3238b017ab0fd84b1d17c33de4892a4deaa5e6002a071feebdf98719c60
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b0e9bd147bed9f59a5805d289af14709afe48af737aa0eb145d4847d7481ea7c
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24ed8b1a61c8b66adb57fcbc6be9463cc6e7b690940185afd42ef3b5067e46c
b26646b4d9dc7719d7e504ee17c4cafcca7c7a1be96a63a7f6d370b348f2376b
b2e5617805285f642b4986623c1706002e470ab76e767d3e0d1bf9a5a3a904a2
b374eb7048cad29b9a21bf05ca7a21543ff7468cc784d31e54eb137d4f6faf64
b3c926316fe4547c8f4bf9afedc765b67293808aef2437e9c2fecb100b0cb5d0
b93b4001b605115857887db3ff32d98e81c11a70d6528512e19cd3685297d781
b97ca5d361c5dd6f340271a3503f46faf9511c5df2729af1cc07b14299a19fef
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
baf0ae5ed80d87b570214d1aa301100af50803abaa721e6c4adcece78eed7a10
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bcdf71159c60a2ba21daf09ed46567df006d49c01be6285a9949ce50ef4d82da
bd10a172a92c6a0bc4bfd33f8b079b995d18ae5435a146d6a348180d5b7caa01
be4d73d8f5bd72ddf86ff4bfa39757dc308a209432fdcbca401eaa28c7cac0a4
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c3156c72751bbc6fdb263e79e4b1ab637da0c099441565aeb7f3ed24f08481b3
c4ccc7f8fe658d39e946f8f96e0868113534d6a1d561ef2016dd6ae6cb4df4f4
c82e30d71078c45820b07ad50fe40af143bb2175db9c803c8004f75135f66107
c925dcece063e452d7e8788f413dffe90f60e5a66b9e0ada72e03a801934d7a4
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d036d654e0622364d1afd83a7d7f4badf6c0efd242e3bd1476b225f1d4971581
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d8816ae743135a5a65b7bf136e9baff4dcacf733c93d147b363a9a6ad26e17e8
d956c6da2ca7e08b3509659c363fdeb4203cb04f45ab5029b2648e79a8a83e82
dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06554613d105432fae1aa412844b832fcd21896daedceb895bfd375d3a8fbe4
e0aa3db7640fa6fd2d1895d614fc86109a2a26f85e1510de7e36873af1c584b7
e0cfc835ee6b1f05681c7719f2e5a89ddd2e2c8448cc59ff7c63c954563b200b
e201a5f8db27d17609e8087baf94a1aadd54189d3ed71c6e90962dd47a466ead
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e378b2eb4abc4575efe88ec83a18014028a3cff1025ff188ac171dc8e9b6ac17
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea78abfeabbec1a8524cf9ceef6e94d80fd76efc4a6af55ad019108c1d0d6a1b
ee4249a1f134b65f9d020d2b3d126ebf3d973f97fed472593312d366346a982f
ee5dfacd4dc98aa1154615d6453fe327433e0bf3e9c4b18b38e3b9894fae8756
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b272d7585f0f978a4b5331e7aeba23c529519d553bcead9bc1901896c448c2
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f692ec218ac434b82284dbaf6447cf24ce6b8c1bf08d8d7116ec2ba792faf355
f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215
fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561
fd209725d48d96bfbd362312870bc81e38928bdde4ac3d25871b68a9e9b15d6e
fe9cc49cba7eededd4e951b66e366551b2c5b9f930bdf69c42a3ff9fc137fd60
fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597
ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c

www.henryherald.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

346 Requests

83 %HTTPS

0 %IPv6

78 Domains

121 Subdomains

84 IPs

6 Countries

6381 kBTransfer

15459 kBSize

119 Cookies

29 Outgoing links

Redirected requests

346 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.henryherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

346
Requests

83 %
HTTPS

0 %
IPv6

78
Domains

121
Subdomains

84
IPs

6
Countries

6381 kB
Transfer

15459 kB
Size

119
Cookies

346 HTTP transactions
5 data transactions