www.heraldextra.com Open in urlscan Pro
54.230.228.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://harktheherald.com/
Effective URL:
https://www.heraldextra.com/
Submission: On November 06 via api (November 6th 2024, 4:16:12 am UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 105 HTTP transactions. The main IP is 54.230.228.29, located in United States and belongs to AMAZON-02, US. The main domain is www.heraldextra.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 3rd 2024. Valid for: a year.

This is the only time www.heraldextra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
1 1	18.210.229.227 18.210.229.227	14618 (AMAZON-AES) (AMAZON-AES)
31	54.230.228.29 54.230.228.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
35	16.182.98.225 16.182.98.225	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:196f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	72.44.44.12 72.44.44.12	14618 (AMAZON-AES) (AMAZON-AES)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1	2600:9000:216... 2600:9000:2165:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.8.164 108.138.8.164	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
105	26

1 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net

harktheherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.229.227 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-229-227.compute-1.amazonaws.com

heraldextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 54.230.228.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-29.muc50.r.cloudfront.net

www.heraldextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 16.182.98.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ogden_images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)

detectdiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.44.44.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-44-12.compute-1.amazonaws.com

promos.ogdennews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2165:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.8.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-8-164.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

butterbulb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	amazonaws.com ogden_images.s3.amazonaws.com	1 MB
32	heraldextra.com 1 redirects heraldextra.com — Cisco Umbrella Rank: 996501 www.heraldextra.com	197 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 region1.analytics.google.com — Cisco Umbrella Rank: 4401	128 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	345 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 345 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651 aax.amazon-adsystem.com — Cisco Umbrella Rank: 457	84 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	183 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	38 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	78 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	201 KB
1	butterbulb.com butterbulb.com — Cisco Umbrella Rank: 303221	775 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 684	480 B
1	ogdennews.com promos.ogdennews.com — Cisco Umbrella Rank: 147579	992 B
1	detectdiscovery.com detectdiscovery.com — Cisco Umbrella Rank: 758517	24 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	33 KB
1	harktheherald.com 1 redirects harktheherald.com	97 B
105	19

	Domain	Requested by
35	ogden_images.s3.amazonaws.com	www.heraldextra.com
31	www.heraldextra.com	www.heraldextra.com code.jquery.com
5	fonts.gstatic.com	fonts.googleapis.com www.heraldextra.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.heraldextra.com c.amazon-adsystem.com
2	www.facebook.com	www.heraldextra.com
2	connect.facebook.net	www.heraldextra.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.heraldextra.com
2	www.googletagmanager.com	www.heraldextra.com www.googletagmanager.com
2	www.google.com	www.heraldextra.com www.gstatic.com
2	securepubads.g.doubleclick.net	www.heraldextra.com securepubads.g.doubleclick.net
1	butterbulb.com	detectdiscovery.com
1	www.google.de	www.heraldextra.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	static.adsafeprotected.com	www.heraldextra.com
1	www.gstatic.com	www.google.com
1	promos.ogdennews.com	code.jquery.com
1	detectdiscovery.com	www.heraldextra.com
1	cdn.jsdelivr.net	www.heraldextra.com
1	code.jquery.com	www.heraldextra.com
1	ajax.googleapis.com	www.heraldextra.com
1	heraldextra.com	1 redirects
1	harktheherald.com	1 redirects
105	27

This site contains links to these domains. Also see Links.

Domain
www.mynewsonthego.com
www.facebook.com
www.twitter.com
www.pinterest.com
www.instagram.com
jobs.heraldextra.com
www.utahlegals.com
heraldextra.column.us
twitter.com

Subject Issuer	Validity	Valid
*.ogdennews.com Amazon RSA 2048 M03	`2024-11-03` - `2025-12-03`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
detectdiscovery.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-15` - `2024-11-13`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
butterbulb.com WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.heraldextra.com/
Frame ID: 1D43BA1EE55211DF444C439888D763A4
Requests: 104 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeAEcqAAAAAK5XIkpu68jcWoQdS6g3oG9oH2j1&co=aHR0cHM6Ly93d3cuaGVyYWxkZXh0cmEuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=14al25uz602
Frame ID: FF48D0D73A05ED557EC383CC3D4D0966
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News, Sports, Jobs - Daily Herald

Page URL History Show full URLs

http://harktheherald.com/ HTTP 307
https://harktheherald.com/ HTTP 301
http://heraldextra.com/ HTTP 307
https://heraldextra.com/ HTTP 302
https://www.heraldextra.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

105
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

27
Subdomains

26
IPs

3
Countries

2834 kB
Transfer

6217 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mynewsonthego.com/provo/free/getpubfront.aspx?freeid=990ff282-8e70-4476-bd8a-da63641757ab
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UtahValleyDailyHerald/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/heraldextra
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/dailyherald
Title: Pinterest

Search URL Search Domain Scan URL

URL: http://www.instagram.com/dailyheraldutah
Title: Instagram

Search URL Search Domain Scan URL

URL: https://jobs.heraldextra.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.utahlegals.com/
Title: Browse Notices

Search URL Search Domain Scan URL

URL: http://heraldextra.column.us/place
Title: Place Notice

Search URL Search Domain Scan URL

URL: https://twitter.com/heraldextra
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://harktheherald.com/ HTTP 307
https://harktheherald.com/ HTTP 301
http://heraldextra.com/ HTTP 307
https://heraldextra.com/ HTTP 302
https://www.heraldextra.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldextra.com/
Redirect Chain

http://harktheherald.com/
https://harktheherald.com/
http://heraldextra.com/
https://heraldextra.com/
https://www.heraldextra.com/

119 KB
26 KB

175ms
57ms

Document
text/html

54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 / PHP/7.4.33
Resource Hash: 782e94834eac92382e269b11dbee1cec9f911fe671c7c687aa21aebdb61706b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1831
cache-control: max-age=60, s-maxage=86400
content-encoding: gzip
content-length: 26436
content-type: text/html; charset=UTF-8
date: Wed, 06 Nov 2024 03:45:34 GMT
expires: Wed, 06 Nov 2024 03:46:24 GMT
link: <https://www.heraldextra.com/wp-json/>; rel="https://api.w.org/"
server: Apache/2.4.59 () PHP/7.4.33
vary: Accept-Encoding
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
x-amz-cf-id: 8Mw0oKSg9zEUZQBIxrXWcXTxNvBqiCWeXqWWOu0FEdCg6i6K4F3RcQ==
x-amz-cf-pop: MUC50-P5
x-cache: Hit from cloudfront
x-powered-by: PHP/7.4.33

Redirect headers

content-length: 212
content-type: text/html; charset=iso-8859-1
date: Wed, 06 Nov 2024 04:16:05 GMT
location: https://www.heraldextra.com/
server: Apache/2.4.59 () PHP/7.4.33

GET
H2 200 layout.css
www.heraldextra.com/wp-content/themes/oni_2021_daily/css/ 63 KB
11 KB 45ms
44ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 5ce969b2d4f9239506f0210d2d48a549f1155cc04e082c8942b434d808f3bc08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "fd25-5ef2b126d0b05-gzip"
age: 267785
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 10976
x-amz-cf-id: aARvLjtchI46is-UxglBo6rDbUqliOuGVYA4MlvjFO7_dZ_YYKlrzg==
date: Sun, 03 Nov 2024 01:53:01 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 16:12:35 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
age: 135153
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 14:43:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 14:43:33 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 208ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

d49ff0336aaa35bb4a1194b9461cc84ff15609d948892d3e5afc887ed18d04ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
etag: 642 / 20033 / m202410280101 / config-hash: 10257544082128673461
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33683
x-xss-protection: 0
server: cafe

GET
H2 200 style.min.css
www.heraldextra.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 46ms
46ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "15b26-5ec82acc53449-gzip"
age: 267785
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11674
x-amz-cf-id: joSq1PwdJXrLki4lvJ1DB6JbtGh6PChBZABsMZrg1bapa0xVzZFm9A==
date: Sun, 03 Nov 2024 01:53:01 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 20:27:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
www.heraldextra.com/wp-includes/js/jquery/ 87 KB
31 KB 53ms
53ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "15db1-5ec82acc70908-gzip"
age: 267785
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 30908
x-amz-cf-id: ByKgwj1p90e-maZlenst3GTsYYmm-qthBRRIUtj9aw1VH7TtVLPyQw==
date: Sun, 03 Nov 2024 01:53:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 20:27:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
www.heraldextra.com/wp-includes/js/jquery/ 11 KB
4 KB 76ms
75ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "2bd8-5dabb75e16ac0-gzip"
age: 493116
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 4169
x-amz-cf-id: yQr54POLkEI67PSJZh88Rv3TONEztuXBEFoJg1t-mq0YGVsmAAznfA==
date: Thu, 31 Oct 2024 11:17:30 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 14:39:15 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 daily_herald_logo.svg
www.heraldextra.com/wp-content/themes/oni_2021_daily/images/ 5 KB
3 KB 76ms
76ms Image
image/svg+xml 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/images/daily_herald_logo.svg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 6d57f608a733bc3af253e3b75bda92c747c351b01cbcbb4ee3ce18f4a04df155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
etag: "142f-5dabb690184c0-gzip"
age: 8820
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2262
x-amz-cf-id: CVfEqdi_odY_KaGjh9Lz-XhVyvQrEeOzslkP3grk30ssKAtrQEUeVA==
date: Wed, 06 Nov 2024 02:18:56 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 14:35:39 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H/1.1 200
OK AP24311106471307-1200x799.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05204258/ 166 KB
166 KB 405ms
144ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05204258/AP24311106471307-1200x799.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36f52d6a6ce83e65c786ac282183e3a3e846dd6d4bbacfe85ba2d5cef976f79a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: NHyoQqeOubG9PGP+4bo49L5Nz1qH8FKLMlaIqIYwOYM9/BBXEHiRJiLWjdaj1EkfXI1IV05a96I=
Cache-Control: max-age=31536000
ETag: "ad4589743d415a2ea625ebbc6bc2e3ec"
x-amz-request-id: THNGJW4G7F6K5D97
Accept-Ranges: bytes
Content-Length: 169652
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Wed, 06 Nov 2024 03:42:59 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK IMG_9698-1200x900.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05141126/ 201 KB
201 KB 415ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05141126/IMG_9698-1200x900.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c6b78f4fcdbb784b73ca87a2ebc2b5a0b609eaacfe577b66297c70c818d41b7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: FKWOO5IWXWUPgfbqb1up0h/Vw55SwtOTmGH8CFw/iiU8fH/KkZ53JY86Xrap3TCYGMN57VmOAfo=
Cache-Control: max-age=31536000
ETag: "405e33c6df05334a973b11862b98a619"
x-amz-request-id: THNJ5PNRWRBFQD9Q
Accept-Ranges: bytes
Content-Length: 205891
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 21:11:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK IMG_9684-1200x900.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04172042/ 251 KB
252 KB 435ms
169ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04172042/IMG_9684-1200x900.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7c5775430a3bf26e088aee6474fc3df297debf4aa014a46c56258428c23e17b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: 1qIt2cA39q05scaPxVFqBqh1h/eOYYvf94/1pPubkD8wq6lL35VGY/080eqY9KyMbZEq/fxC2BQ=
Cache-Control: max-age=31536000
ETag: "9ba910b613e86f774c73d3d0d46884fe"
x-amz-request-id: THNNS0DDY9EQ8TBD
Accept-Ranges: bytes
Content-Length: 257365
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 00:20:44 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 206cd70bcd442537afc4f801c0a30a5b-1200x791.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2020/09/23052737/ 174 KB
175 KB 413ms
148ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2020/09/23052737/206cd70bcd442537afc4f801c0a30a5b-1200x791.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f5ea35260b7266427ca6fe13e0374d5fdd8584faba2af05480246bf79b78193

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

Cache-Control: max-age=31536000
ETag: "1a2ad052a85ea873f00a13dff2c9c5d8"
x-amz-request-id: THNPGNW0Z935YDS3
Expires: Tue, 23 Aug 2022 12:10:26 GMT
Accept-Ranges: bytes
Content-Length: 178450
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Mon, 23 Aug 2021 12:10:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: gwu5IM9XbjHZbL6eVVYKjbbKSwBGCckgMBvqHQqwW1zRoh9AN4Y7TOpzcu+RYiC7RjDSAq8Hvps=

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 210ms
49ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-1787d"
age: 848827
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 7289, 6314
x-served-by: cache-lga21931-LGA, cache-mxp6953-MXP
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730866567.580618,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33357
server: nginx

GET
H2 200 slick.js Show response
www.heraldextra.com/wp-content/themes/oni_2021_daily/js/ 87 KB
15 KB 44ms
44ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/js/slick.js
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: d398d44ee07aa24f2903c61cf3510d7245896e7e0098bdc380f5562c8e51b04b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "15b7e-5dabb6910c700-gzip"
age: 267578
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 15078
x-amz-cf-id: 3_2QfDoRe_eEoa5n6JrMu-f-s1lWHRhu-l0MlSy5dtPOv0JfWiDGOw==
date: Sun, 03 Nov 2024 01:56:27 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 14:35:40 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 slick.css
www.heraldextra.com/wp-content/themes/oni_2021_daily/css/ 2 KB
956 B 99ms
99ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/slick.css
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: e94e7f9dc17a393590c8cad01a7380d50e669cc767ae8c132b45a6c61cf9aee7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "73e-5dabb68f24280-gzip"
age: 232232
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 565
x-amz-cf-id: bWoWnN9HuXN00xrdH9ldWI6I8GgavMM1tRNdbD5gdivmSErpuz6s9A==
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 14:35:38 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H/1.1 200
OK AP24310709882999-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05134302/ 32 KB
33 KB 391ms
132ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05134302/AP24310709882999-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3863ac02cb1e27847d312d0475826106b918dcbc97166a135aebd75ad3944802

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: AmqXYNEiSEuWwYE+2DLLELXuW/pdbo4651EZrbUmKP/lke7vhDa05hUr3ka+XsEWDFsqFfFEJUo=
Cache-Control: max-age=31536000
ETag: "3f2882ba7beecb65a9052c2f02e498cc"
x-amz-request-id: THNJT0RJENDYKXA3
Accept-Ranges: bytes
Content-Length: 32978
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 20:43:04 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310198627263-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05133625/ 30 KB
30 KB 398ms
138ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05133625/AP24310198627263-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 187b896cbdd2f419582d794e25ee47a92a21f0ca8eb23c584c8f2982912aa201

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: zkzw40H8OMAk7idtaZhr5OY9S8MRGUET0d6EqzT+B/zD1k23KTkUNqCgLbxaCCZqu6zwuoiDAgI=
Cache-Control: max-age=31536000
ETag: "3edd7a30ca959c949bae5d665528423e"
x-amz-request-id: THNHBHN7MTX72HA4
Accept-Ranges: bytes
Content-Length: 30771
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 20:36:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310412958878-440x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05102313/ 47 KB
48 KB 315ms
138ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05102313/AP24310412958878-440x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b40ab30e2cf23e1b4f462e32e084566e4d7f7a6eba9a85d641e645dc01980d7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: UWjdkz4k3M+pjwGG5GUbJE3kRRxUqVBKO3PM73+9qHEsWc7gS/jQFDnGGh3LKJdwtoDHejjzbug=
Cache-Control: max-age=31536000
ETag: "e6354c351535bcd9ff2b500d2c060caf"
x-amz-request-id: THNTDRPX7T4EMYS7
Accept-Ranges: bytes
Content-Length: 48371
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 17:23:14 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310441008589-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05100739/ 34 KB
35 KB 323ms
135ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05100739/AP24310441008589-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23906409b3eb7a818df5a56c9741865f224424e54f1ec2d0559f0b615de84ae5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: Ua9pATPMlk3Sw6qmH0zIQxI1HSybtjKjiTmO0uzAlqe8w4nNxXKtoCPiKJVaB5d5Sfg3oRcHkAM=
Cache-Control: max-age=31536000
ETag: "81d9896ad722cd6eb8e6eeeb7bcdf3b6"
x-amz-request-id: THNM3ZWVTHDXYMBC
Accept-Ranges: bytes
Content-Length: 34916
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 17:07:40 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24306676995973-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04131738/ 24 KB
24 KB 139ms
138ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04131738/AP24306676995973-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f0894af3ffa15f5a3f58a4126b29f9c46661c0d93e1ff5f1a2cffc416b43a27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: QAvsYz3ZdVTz4D4AHprLvWdGVQQbY98TNbf+5OBodWQeVgNrTxsPF/DdL7zPkeQohbj828VqrZ4=
Cache-Control: max-age=31536000
ETag: "8cd8ae705de1a4f2c1eada7baaf3b1be"
x-amz-request-id: J9PR6QY7PQ2C4J0J
Accept-Ranges: bytes
Content-Length: 24629
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 20:17:40 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24301839404380-410x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111720/ 34 KB
35 KB 136ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111720/AP24301839404380-410x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: af5459702687bcef4d8491c8707ab12115aba5ef4062eb32b0a4907c63c7d52a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: v7z+RHmAjVROi5+AoL9aAX27erEoXx6gs3TOHtj+SyIZu76MiI74XOOiLqDNaiAMhhZ7E9j2uMw=
Cache-Control: max-age=31536000
ETag: "911eaf60e5d1cf1686c7d2eeadebdfc2"
x-amz-request-id: J9PP4Q7W4H9EX764
Accept-Ranges: bytes
Content-Length: 35303
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:17:22 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24306580008870-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111112/ 39 KB
40 KB 136ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111112/AP24306580008870-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0748270e68f4b3defdd18247b35edbbb3e29c5600b643ae85467f19a40bb0cce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: bJLZHxae+UC67c4HQpuySVJbM4KlY4g3yXBm2LNm6yXt6Xs4CqGLIoWN+Rq3GgPy1bUDo77wLQY=
Cache-Control: max-age=31536000
ETag: "437ee4675541d116107a926a00be1499"
x-amz-request-id: J9PS99MPKDYHWYNJ
Accept-Ranges: bytes
Content-Length: 40218
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:11:13 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24309285878154-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04110820/ 29 KB
29 KB 135ms
134ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04110820/AP24309285878154-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4492b66a0536317b7d4733328a3a37c60313b798f090ab7ea8c47a670cbdf2bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: 4MbfcXRESbGZmEFQbViGW8VlQWHm3eWj1ge6BHvF3Fdo4aYPBgLTNX9hXvD7UF55Rdrdq8rYUwI=
Cache-Control: max-age=31536000
ETag: "b539abcf01c4c147ed446202670a9e2c"
x-amz-request-id: J9PKPPDYTWF2XKBM
Accept-Ranges: bytes
Content-Length: 29328
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:08:21 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24290656620202-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152505/ 22 KB
22 KB 151ms
150ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152505/AP24290656620202-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae444a65fcd024ad0b5fbbc30020a04df273e784f48d6086f2b5a328cbdf1520

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: oZVohw3z8pGJAJZHbjIyZlvj88rrYWgef8PrasVSOyWtpIs15oen7S5NdXkG3QIthBHsdM7H8Ks=
Cache-Control: max-age=31536000
ETag: "7201ab67aba4fe5410d2c0dab9186e4c"
x-amz-request-id: J9PHKJKBS6TSP8ME
Accept-Ranges: bytes
Content-Length: 22150
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Nov 2024 21:25:07 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24304779782739-410x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152044/ 45 KB
0 1ms
1ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152044/AP24304779782739-410x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: df739fc671fb672ec8056d59aad345e15fb32b1f6417db2ec30de96d4af5065d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: 3qRz7p3qIBOy37lLDS4JH03pPLpsrL0VUp2WmlSXDzoe/9Hl475tGrvNywSMS7xN25BXD4mBEdo=
Cache-Control: max-age=31536000
ETag: "e20d2e4652980f0f0198f38278959e02"
x-amz-request-id: J9PY2YW9BXB1HJ6Y
Accept-Ranges: bytes
Content-Length: 46536
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Nov 2024 21:20:45 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK A50I2316-750x500.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2022/09/16100929/ 60 KB
60 KB 137ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2022/09/16100929/A50I2316-750x500.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62ff57476716465e15cf67ba66392e3c57d70aece0a5dd849f0a70a5327590c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

Cache-Control: max-age=31536000
ETag: "d58adacf031c2be4e99309902a7ca246"
x-amz-request-id: J9PYETRZYDN3AZ96
Accept-Ranges: bytes
Content-Length: 60962
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 16 Sep 2022 16:09:31 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: LBpNAE5SKylaO61FnuNy0TOIPWg51zYeZqgJzEUaT2anDDOMmuJ4/CoTV625phJdC1ZKQh+K1Gg=

GET
H/1.1 200
OK Aegis-Headshots-Day-1-4348-scaled-1-333x500.jpeg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/03/01113411/ 57 KB
57 KB 135ms
134ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/03/01113411/Aegis-Headshots-Day-1-4348-scaled-1-333x500.jpeg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7178cc3e76decbf8b2438933443acdc43a1239bcf726fc8da1fd12570f61be96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: mZqmDe2xULsdUl4l/MPACBSipC10UEZBbJvE/6Ac0sk0TJ6L4yB64VbJKixkhz8AlhFHsXXNhMk=
Cache-Control: max-age=31536000
ETag: "f742ee6af8c69c5aa61e320e985b11ee"
x-amz-request-id: J9PQHRMYNY3DRPX8
Accept-Ranges: bytes
Content-Length: 57969
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Mar 2024 18:34:12 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Sandra-Joyce-Park-Dahl-374x500.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05150014/ 23 KB
23 KB 153ms
153ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05150014/Sandra-Joyce-Park-Dahl-374x500.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb4cf654ef3f5cb2d6a5665deaa36a48ba3b2f26638d8e425bf7b55eebfd0e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: uc9AC4GUQbioMPgB73UoD66zNtWhyUe65kPprTuRD81PfGV/pY/w6if/ECsEIECTfMTT//SXmuc=
Cache-Control: max-age=31536000
ETag: "86fc463721a0d497c285223f0c91b64f"
x-amz-request-id: J9PTBTMNWXQFGMDZ
Accept-Ranges: bytes
Content-Length: 23485
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Tue, 05 Nov 2024 22:00:15 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Farnes-Couple.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/10/28102329/ 49 KB
49 KB 137ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/10/28102329/Farnes-Couple.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee6c73e7b6411ca53da807d5e87281ef11c32f665cd16e5b4faddb39e5aca5e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: yX1wJstZSDKWmK4r0FlA4/lES3Tw7TVujf99U4BCGn3o/YX9Fd47WId4Ql8c3sAIHfa3CqCDf60=
Cache-Control: max-age=31536000
ETag: "d0f70c3da20167a213815e5f8a046a2f"
x-amz-request-id: J9PRYB89HW80Z7JX
Accept-Ranges: bytes
Content-Length: 49851
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 28 Oct 2024 16:23:30 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK unnamed.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04122735/ 12 KB
12 KB 149ms
149ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04122735/unnamed.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87862bda3691512df7e3198d6b3430f4d3d231f032e704bfc729f7e2012ca014

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: jljhZNjgT/p5t2RSIxDiqUSjwFjJytXzfc5X47jKmbvxsLsJl4QBvzYPDxkHkeDPv7vGIGncE0Q=
Cache-Control: max-age=31536000
ETag: "1b051b83880986f61095b8173abc92fb"
x-amz-request-id: J9PXKJX8DA5FA5X4
Accept-Ranges: bytes
Content-Length: 11989
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 19:27:36 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK charly-lowry-photocredit-linda-fox-1024x731-1-700x500.jpeg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/10/31145028/ 58 KB
58 KB 148ms
148ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/10/31145028/charly-lowry-photocredit-linda-fox-1024x731-1-700x500.jpeg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9bf7e72a7a3b048057d71b218cc35b4091e3da118479b9a6f239c23533b2e8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: qKxnBTVRTUbri7hFj2fNRgmrmsv+8AYM7Z+ZfuAYFp636/gCEUMxAD8vrRK/WnOCGtJHaQiWgew=
Cache-Control: max-age=31536000
ETag: "2726c126c93062d5fe8e7658423a1954"
x-amz-request-id: J9PKYDSFPW95FP83
Accept-Ranges: bytes
Content-Length: 58920
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Thu, 31 Oct 2024 20:50:30 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 basic.min.css
www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/ 48 KB
7 KB 48ms
48ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 08c19ec190562f3078e2ad89f840a23315b57fec742d0906c8146b0b71eabee0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "c1a5-6237ac2ca5546-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 7280
x-amz-cf-id: DvimRFgnRQtlvd8mK5vo67H7AIL6fOZL9XEh6gVz_ERj84UimmgPWQ==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 theme-components.min.css
www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/ 0
333 B 48ms
48ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
etag: "0-6237ac2ca5546"
age: 261784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: 7ID9TFgR9fhbJOtvYOkyixB-b3lTDMHLx8OeEJRnXRmatNZ_QVf95w==
date: Sun, 03 Nov 2024 03:33:02 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5

GET
H2 200 theme-ie11.min.css
www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/ 2 KB
795 B 48ms
47ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "6dd-6237ac2ca5546-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 401
x-amz-cf-id: szB4MxI--T1lKy9KMGQpu3TG54_ZqvBYMz5z6msb5AUIvjWm6aIfCQ==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 theme.min.css
www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/ 31 KB
6 KB 73ms
72ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "7ddd-6237ac2ca5546-gzip"
age: 261784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 5896
x-amz-cf-id: 7P-s3Cri0eQAlqtaz4t02yoFC7ThCbxVQMyU1aNjnniNAVv3SxxD3w==
date: Sun, 03 Nov 2024 03:33:02 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
997 B 204ms
56ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeeAEcqAAAAAK5XIkpu68jcWoQdS6g3oG9oH2j1&ver=1.6.0

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

2874c01d56fdc903ed2b8a4d6efb16c569053f95ceca6aaefc83ab5d95f4b43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 06 Nov 2024 04:16:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 regenerator-runtime.min.js Show response
www.heraldextra.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 73ms
73ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "194b-5dfc855f31300-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2457
x-amz-cf-id: 0ZRQ3bRnjrkjnzvxOIFPECIdGZOacHSQ8JAVzek8R5T8HccW8-k21Q==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:06:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 wp-polyfill.min.js Show response
www.heraldextra.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 53ms
53ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "4ac6-5ec82acc5a979-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 7095
x-amz-cf-id: RqiX6ihFDkrG0GSCwdjBDnXjt7ooiJlSGG1xzdjOFEB8ravkw2ODyQ==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 20:27:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 dom-ready.min.js Show response
www.heraldextra.com/wp-includes/js/dist/ 498 B
735 B 53ms
53ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "1f2-5dfc855f31300-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 331
x-amz-cf-id: OVFhq7TnafCBO2wzDu6Dj66PRL0oXdB8ljC7KQgUVeMoJZXQwIg_Lw==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:06:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 hooks.min.js Show response
www.heraldextra.com/wp-includes/js/dist/ 5 KB
2 KB 71ms
71ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "132e-5dfc855f31300-gzip"
age: 261784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1661
x-amz-cf-id: XDY1MmtOvI_mObJ9v75lnld547ChJGlzGNMVoVWxYSyHhUwu5w82Ng==
date: Sun, 03 Nov 2024 03:33:02 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:06:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 i18n.min.js Show response
www.heraldextra.com/wp-includes/js/dist/ 10 KB
4 KB 71ms
71ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "27ee-5ec82acc693d8-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 3865
x-amz-cf-id: bcwKrc0DOKWftNw3jP13KpU1byyWx8rGwxjXRN3ktMUf4JoH9kCjtg==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 20:27:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 a11y.min.js Show response
www.heraldextra.com/wp-includes/js/dist/ 2 KB
1 KB 71ms
71ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "9cc-5dfc855f31300-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 989
x-amz-cf-id: iPydaPkmB4uIkB5VcnswrWPHl8EPP89gyiRmYFOqc6_pi0VmjQckyg==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:06:52 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 jquery.json.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 105ms
105ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "72c-6237ac2cb66b4-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 899
x-amz-cf-id: tlZIv_Wc9OjHnS8aou5Xq0of_U82kfxlSn5jEwNsQ5NV0A-47ujKoA==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 gravityforms.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/js/ 46 KB
14 KB 105ms
105ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 154817f0d937e5e7fc5970a56687464e84d690e15e530d8e3f189869280c43e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "b690-6237ac2cb66b4-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 13759
x-amz-cf-id: TkKMYt8qG9Og1WWNa-HLJwv7q1bf2uV6R2YjSizhU2IXui7G5P4XAA==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 conditional_logic.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/js/ 9 KB
3 KB 105ms
104ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "2573-6237ac2cb66b4-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 3096
x-amz-cf-id: CI5mbao-ku_i32_UvCkFTBXkFbdM8jt0qEIyPoOfkrvQOrRZOnPHUA==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 placeholders.jquery.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 102ms
102ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.18
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "121f-6237ac2cb66b4-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1750
x-amz-cf-id: 2zDtuebcxLSq16YhBsAr4voidjJ6o5V8kkZbLX_R75oUqCuIc-G1yw==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 utils.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/ 38 KB
12 KB 107ms
107ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=50c7bea9c2320e16728e44ae9fde5f26
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "97ad-6237ac2ca5546-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11762
x-amz-cf-id: vqE2ReWoctSeK6JEtr3IDfBcZDLXSoo6EOl9OOMv9Xv_b2HBR3vhLg==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 vendor-theme.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/ 17 KB
7 KB 107ms
107ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=54e7080aa7a02c83aa61fae430b9d869
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "438a-6237ac2ca5546-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 6334
x-amz-cf-id: 0kozU1F_ZoflPFieZ4K5Kha55EMLrm7OGy1fentynQySohxTM-bRJg==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 scripts-theme.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 133ms
133ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=bab19fd84843dabc070e73326d787910
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "1043-6237ac2ca5546-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1773
x-amz-cf-id: ozoBFdYCaY42Iaa_Jslq_mULabm2iG8pxsHjV3BVkbzRJg_S_9SOCw==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 09:07:01 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 frontend-legacy.min.js Show response
www.heraldextra.com/wp-content/plugins/gravityformsrecaptcha/js/ 1 KB
979 B 108ms
108ms Script
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/plugins/gravityformsrecaptcha/js/frontend-legacy.min.js?ver=1.6.0
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 0ee0b109ff5dfaaa94bc0347df48c1c2a3a09dcea8fe49de2a5aac6ccb5551a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "467-622f6f4e137a0-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 576
x-amz-cf-id: mx_s5SKVWiLHVq4ah1FLi7JaXl_h_7TanyKXURMuFVlvwrnSEqtfKQ==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 19:52:05 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.6/dist/ 5 KB
3 KB 205ms
49ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.6/dist/lazyload.min.js

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1499-chVA5Lq8JbbyRbkq7vcOmT5AjYA"
age: 3688562
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230144-FRA, cache-mxp6962-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2135
x-jsd-version: 11.0.6

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
82 KB 189ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XWNRNN

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c704fd62aac550792ac96b7352b6cbb212a8bb42ca1eaa6a6400428e5e79d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83092
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 print.css
www.heraldextra.com/wp-content/themes/oni_2021_daily/css/ 1 KB
849 B 103ms
103ms Stylesheet
text/css 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/print.css
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 2aa38f9689f47b8c0620ba023e4f88b244bd1645532d526a77e308bce3e4292d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "4ce-5dabb68f24280-gzip"
age: 267784
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 457
x-amz-cf-id: nVvvePaqXk_f5all0s7GwI8bFFBoWZB2tus1Ok7d3e15Jh5aFu8qEQ==
date: Sun, 03 Nov 2024 01:53:02 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 14:35:38 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
955 B 152ms
55ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918a6605a30759293b94242a84a0da24dcaae3576c30d4fedbd0c854da459b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 03:54:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 195ms
45ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"b3da0d59872bd7a86984a426ca256adc"
age: 2710
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ktohtBdvFRTAOPC9fiWLzQ-U_vwpL5mqXxDJZhjhrSjFfquMrqgovQ==
date: Wed, 06 Nov 2024 03:30:57 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 85c187d4390a42d5cd2a4a54fa20d7a9f7ee1c4a6684bac7e5aef981d6eebac9f1b32c57768ecbcd8a9e854b53b61c856bf0b6ed53baef8aa778a61b70ed Show response
detectdiscovery.com/ 67 KB
24 KB 233ms
85ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://detectdiscovery.com/85c187d4390a42d5cd2a4a54fa20d7a9f7ee1c4a6684bac7e5aef981d6eebac9f1b32c57768ecbcd8a9e854b53b61c856bf0b6ed53baef8aa778a61b70ed

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee45f81a8c5917bb6e453cf6aa4fef329ef375b784b6b9e8e91111f378e3646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6d89de3854bb8b5882b140ade5d012b08905f37a0007d275a727ac03f4dff9bc"
x-buildname: hoothoot
x-hostname: fen-hoothoot-europe-west1-x1l3
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8de2442958e61c3a-FRA
x-buildnumber: 1507459579
server: cloudflare

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 120ms
44ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://fonts.googleapis.com/

Response headers

age: 564551
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:55 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 146ms
70ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://fonts.googleapis.com/

Response headers

age: 564966
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:00 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 118ms
46ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://fonts.googleapis.com/

Response headers

age: 564712
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 fontello.woff2
www.heraldextra.com/wp-content/themes/oni_2021_daily/css/font/ 3 KB
4 KB 73ms
39ms Font
application/octet-stream 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/font/fontello.woff2?63277023
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 1d376489c78a57ab22ae9aacfec24b47e8f3a2ba8731f7112fe21902baf83c40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "cd8-5dabb68f24280-gzip"
age: 656916
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 3311
x-amz-cf-id: on7bPDq6wgJmUWbkLUe7NSrYcDWbORBrfgEzuALJ41apSM2M51kZGw==
date: Tue, 29 Oct 2024 13:47:30 GMT
last-modified: Mon, 21 Mar 2022 14:35:38 GMT
vary: Accept-Encoding
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5

GET
H/1.1 200
OK Aegis-Headshots-Day-1-4348-scaled-1-333x500.jpeg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/03/01113411/ 57 KB
0 0ms
0ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/03/01113411/Aegis-Headshots-Day-1-4348-scaled-1-333x500.jpeg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7178cc3e76decbf8b2438933443acdc43a1239bcf726fc8da1fd12570f61be96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: mZqmDe2xULsdUl4l/MPACBSipC10UEZBbJvE/6Ac0sk0TJ6L4yB64VbJKixkhz8AlhFHsXXNhMk=
Cache-Control: max-age=31536000
ETag: "f742ee6af8c69c5aa61e320e985b11ee"
x-amz-request-id: J9PQHRMYNY3DRPX8
Accept-Ranges: bytes
Content-Length: 57969
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Mar 2024 18:34:12 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 inc_breakingNews.js Show response
www.heraldextra.com/_breakingNews/ 216 B
513 B 460ms
457ms XHR
application/javascript 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/_breakingNews/inc_breakingNews.js?_=1730866566654
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: c32feb0b2794d622e7fcd8fe31922ec811d1aff3265d1b438f4d8ce093549750

Request headers

Referer: https://www.heraldextra.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "d8-622d255821393-gzip"
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 111
x-amz-cf-id: ojQ1RPlthiRp3IOgI8Cz0ymMe3-TRCwYqLUQokqVUopYzYGZjSBdZQ==
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 00:10:33 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding,User-Agent

GET
H2 200 get_promos.php Show response
promos.ogdennews.com/_custom/promos/ 6 KB
992 B 728ms
459ms XHR
text/html 72.44.44.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://promos.ogdennews.com/_custom/promos/get_promos.php?sid=DHPU&buster=0.5453105965098042
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-72-44-44-12.compute-1.amazonaws.com
Software: Apache/2.4.59 () PHP/7.4.33 / PHP/7.4.33
Resource Hash: cc6995c745b27b376df0e73b8ea24c28cb83048ab37a8a6e460f7f5f656ec184

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
access-control-allow-origin: *
content-length: 798
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
server: Apache/2.4.59 () PHP/7.4.33
vary: Accept-Encoding,User-Agent

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 97ms
41ms Script
text/javascript 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeeAEcqAAAAAK5XIkpu68jcWoQdS6g3oG9oH2j1&ver=1.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
age: 43487
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 16:11:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 16:11:19 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/ 483 KB
150 KB 40ms
39ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
etag: 2396380646379452942
age: 40095
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 17:07:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 05 Nov 2024 17:07:51 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153075
x-xss-protection: 0
server: cafe

GET
H2 200 blur_image.jpg
www.heraldextra.com/wp-content/themes/oni_2021_daily/images/ 12 KB
13 KB 42ms
41ms Image
image/jpeg 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/images/blur_image.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: eb66a3807316801bcea37697d7af86a86345dfe48f335e7f804f73df1a85fc5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/css/layout.css?v=2

Response headers

cache-control: max-age=2628000
etag: "30a7-5dabb690184c0"
age: 267739
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 12455
x-amz-cf-id: NUdXHOmBqatD2sXQoxW5fdu9xPikf216SDR3pjHi9BEWAGti2hzmbQ==
date: Sun, 03 Nov 2024 01:53:47 GMT
content-type: image/jpeg
last-modified: Mon, 21 Mar 2022 14:35:39 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5

GET
H/1.1 200
OK AP24304779782739-410x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152044/ 45 KB
46 KB 338ms
138ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152044/AP24304779782739-410x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: df739fc671fb672ec8056d59aad345e15fb32b1f6417db2ec30de96d4af5065d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: 3qRz7p3qIBOy37lLDS4JH03pPLpsrL0VUp2WmlSXDzoe/9Hl475tGrvNywSMS7xN25BXD4mBEdo=
Cache-Control: max-age=31536000
ETag: "e20d2e4652980f0f0198f38278959e02"
x-amz-request-id: J9PY2YW9BXB1HJ6Y
Accept-Ranges: bytes
Content-Length: 46536
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Nov 2024 21:20:45 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310709882999-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05134302/ 32 KB
0 7ms
7ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05134302/AP24310709882999-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3863ac02cb1e27847d312d0475826106b918dcbc97166a135aebd75ad3944802

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: AmqXYNEiSEuWwYE+2DLLELXuW/pdbo4651EZrbUmKP/lke7vhDa05hUr3ka+XsEWDFsqFfFEJUo=
Cache-Control: max-age=31536000
ETag: "3f2882ba7beecb65a9052c2f02e498cc"
x-amz-request-id: THNJT0RJENDYKXA3
Accept-Ranges: bytes
Content-Length: 32978
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 20:43:04 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310198627263-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05133625/ 30 KB
0 1ms
1ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05133625/AP24310198627263-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 187b896cbdd2f419582d794e25ee47a92a21f0ca8eb23c584c8f2982912aa201

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: zkzw40H8OMAk7idtaZhr5OY9S8MRGUET0d6EqzT+B/zD1k23KTkUNqCgLbxaCCZqu6zwuoiDAgI=
Cache-Control: max-age=31536000
ETag: "3edd7a30ca959c949bae5d665528423e"
x-amz-request-id: THNHBHN7MTX72HA4
Accept-Ranges: bytes
Content-Length: 30771
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 20:36:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310412958878-440x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05102313/ 47 KB
0 2ms
2ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05102313/AP24310412958878-440x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b40ab30e2cf23e1b4f462e32e084566e4d7f7a6eba9a85d641e645dc01980d7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: UWjdkz4k3M+pjwGG5GUbJE3kRRxUqVBKO3PM73+9qHEsWc7gS/jQFDnGGh3LKJdwtoDHejjzbug=
Cache-Control: max-age=31536000
ETag: "e6354c351535bcd9ff2b500d2c060caf"
x-amz-request-id: THNTDRPX7T4EMYS7
Accept-Ranges: bytes
Content-Length: 48371
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 17:23:14 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24310441008589-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05100739/ 34 KB
0 3ms
3ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05100739/AP24310441008589-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23906409b3eb7a818df5a56c9741865f224424e54f1ec2d0559f0b615de84ae5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: Ua9pATPMlk3Sw6qmH0zIQxI1HSybtjKjiTmO0uzAlqe8w4nNxXKtoCPiKJVaB5d5Sfg3oRcHkAM=
Cache-Control: max-age=31536000
ETag: "81d9896ad722cd6eb8e6eeeb7bcdf3b6"
x-amz-request-id: THNM3ZWVTHDXYMBC
Accept-Ranges: bytes
Content-Length: 34916
Date: Wed, 06 Nov 2024 04:16:07 GMT
Last-Modified: Tue, 05 Nov 2024 17:07:40 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24306676995973-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04131738/ 24 KB
0 6ms
6ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04131738/AP24306676995973-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f0894af3ffa15f5a3f58a4126b29f9c46661c0d93e1ff5f1a2cffc416b43a27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: QAvsYz3ZdVTz4D4AHprLvWdGVQQbY98TNbf+5OBodWQeVgNrTxsPF/DdL7zPkeQohbj828VqrZ4=
Cache-Control: max-age=31536000
ETag: "8cd8ae705de1a4f2c1eada7baaf3b1be"
x-amz-request-id: J9PR6QY7PQ2C4J0J
Accept-Ranges: bytes
Content-Length: 24629
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 20:17:40 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24301839404380-410x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111720/ 34 KB
0 1ms
1ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111720/AP24301839404380-410x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: af5459702687bcef4d8491c8707ab12115aba5ef4062eb32b0a4907c63c7d52a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: v7z+RHmAjVROi5+AoL9aAX27erEoXx6gs3TOHtj+SyIZu76MiI74XOOiLqDNaiAMhhZ7E9j2uMw=
Cache-Control: max-age=31536000
ETag: "911eaf60e5d1cf1686c7d2eeadebdfc2"
x-amz-request-id: J9PP4Q7W4H9EX764
Accept-Ranges: bytes
Content-Length: 35303
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:17:22 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24306580008870-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111112/ 39 KB
0 2ms
2ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04111112/AP24306580008870-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0748270e68f4b3defdd18247b35edbbb3e29c5600b643ae85467f19a40bb0cce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: bJLZHxae+UC67c4HQpuySVJbM4KlY4g3yXBm2LNm6yXt6Xs4CqGLIoWN+Rq3GgPy1bUDo77wLQY=
Cache-Control: max-age=31536000
ETag: "437ee4675541d116107a926a00be1499"
x-amz-request-id: J9PS99MPKDYHWYNJ
Accept-Ranges: bytes
Content-Length: 40218
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:11:13 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24309285878154-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04110820/ 29 KB
0 8ms
8ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/04110820/AP24309285878154-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4492b66a0536317b7d4733328a3a37c60313b798f090ab7ea8c47a670cbdf2bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: 4MbfcXRESbGZmEFQbViGW8VlQWHm3eWj1ge6BHvF3Fdo4aYPBgLTNX9hXvD7UF55Rdrdq8rYUwI=
Cache-Control: max-age=31536000
ETag: "b539abcf01c4c147ed446202670a9e2c"
x-amz-request-id: J9PKPPDYTWF2XKBM
Accept-Ranges: bytes
Content-Length: 29328
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 04 Nov 2024 18:08:21 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK AP24290656620202-411x274.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152505/ 22 KB
0 2ms
2ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/01152505/AP24290656620202-411x274.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae444a65fcd024ad0b5fbbc30020a04df273e784f48d6086f2b5a328cbdf1520

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: oZVohw3z8pGJAJZHbjIyZlvj88rrYWgef8PrasVSOyWtpIs15oen7S5NdXkG3QIthBHsdM7H8Ks=
Cache-Control: max-age=31536000
ETag: "7201ab67aba4fe5410d2c0dab9186e4c"
x-amz-request-id: J9PHKJKBS6TSP8ME
Accept-Ranges: bytes
Content-Length: 22150
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 01 Nov 2024 21:25:07 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 153ms
40ms Image
image/gif 2600:9000:2165:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=lmixf_728x90_
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age: 15695
x-cache: Hit from cloudfront
x-amz-cf-id: YzF0dMRle6S4leeAEpj_A1Lj0JYRoYtggZdLFmRO7LjSiVs57scdpQ==
date: Tue, 05 Nov 2024 23:54:32 GMT
content-type: image/gif
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 419820c97f609bc6c7a0fe8ab9ac7158.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 729ce0ef-27ae-4112-a6f1-52cb2c548a08 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 144ms
39ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/729ce0ef-27ae-4112-a6f1-52cb2c548a08
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: f27a98f4565c914ccda5a42cf1960798de70a0386a3e8f423897a1afac3abe17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=3600
age: 2851
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: rTgs_LXnEHfLpdqhCfVwczg98CIsbyXKYgcRP_azAW36YKiP2AI6Ew==
date: Wed, 06 Nov 2024 03:28:35 GMT
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
server: CloudFront

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
314 B 41ms
40ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldextra.com&pubid=729ce0ef-27ae-4112-a6f1-52cb2c548a08
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 19199
access-control-allow-credentials: true
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.heraldextra.com
x-cache: Hit from cloudfront
x-amz-cf-id: xrJ6aK5fzvgRDqSe7Og-emaDu63lgjKUmMibzjpKL4lCRnd7fW78_Q==
date: Tue, 05 Nov 2024 22:56:06 GMT
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 119ms
40ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 85260
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: RBmC2DdAJ_BmXSNjYxh-HuN3ZEu6_dm5--AuqgVCyJZ_yYAjapoCEg==
date: Tue, 05 Nov 2024 04:35:07 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 357 KB
119 KB 54ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z3HN8E0HNS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XWNRNN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba650dd9978df52aa46d7116cac01b535f02702c3e944b42a6386389ff0f980a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 121323
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XWNRNN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
age: 2757
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 05:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 03:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 142ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-akq9CclY' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-akq9CclY' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=13, mss=1297, tbw=2940, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: nKJFsyl3gONaru/dxJwyMEYOWrKdKshQMe0Y8fz97kucJH9IPwlivyinGtPLQmKqrwZ6dUusfHvXeGjB4mdxGg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK A50I2316-750x500.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2022/09/16100929/ 60 KB
0 3ms
1ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2022/09/16100929/A50I2316-750x500.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62ff57476716465e15cf67ba66392e3c57d70aece0a5dd849f0a70a5327590c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

Cache-Control: max-age=31536000
ETag: "d58adacf031c2be4e99309902a7ca246"
x-amz-request-id: J9PYETRZYDN3AZ96
Accept-Ranges: bytes
Content-Length: 60962
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Fri, 16 Sep 2022 16:09:31 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: LBpNAE5SKylaO61FnuNy0TOIPWg51zYeZqgJzEUaT2anDDOMmuJ4/CoTV625phJdC1ZKQh+K1Gg=

GET
H/1.1 200
OK Sandra-Joyce-Park-Dahl-374x500.jpg
ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05150014/ 23 KB
0 3ms
3ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/www.heraldextra.com/images/2024/11/05150014/Sandra-Joyce-Park-Dahl-374x500.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb4cf654ef3f5cb2d6a5665deaa36a48ba3b2f26638d8e425bf7b55eebfd0e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: uc9AC4GUQbioMPgB73UoD66zNtWhyUe65kPprTuRD81PfGV/pY/w6if/ECsEIECTfMTT//SXmuc=
Cache-Control: max-age=31536000
ETag: "86fc463721a0d497c285223f0c91b64f"
x-amz-request-id: J9PTBTMNWXQFGMDZ
Accept-Ranges: bytes
Content-Length: 23485
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Tue, 05 Nov 2024 22:00:15 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
380 B 232ms
89ms XHR
text/javascript 108.138.8.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldextra.com%2F&pid=hpavgKmwPTT9f&cb=0&ws=1600x1200&v=24.910.1025&t=3000&slots=%5B%7B%22sd%22%3A%22DHPU_Top_728x90%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22452x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Top_728x90%22%7D%2C%7B%22sd%22%3A%22DHPU_Middle_728x90%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22452x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Middle_728x90%22%7D%2C%7B%22sd%22%3A%22DHPU_Right_300x600%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Right_300x600%22%7D%2C%7B%22sd%22%3A%22DHPU_Bottom_728x90%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22452x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Bottom_728x90%22%7D%2C%7B%22sd%22%3A%22DHPU_Middle_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Middle_300x250%22%7D%2C%7B%22sd%22%3A%22DHPU_Middle2_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_Middle2_300x250%22%7D%2C%7B%22sd%22%3A%22DHPU_PAW_1x1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_PAW_1x1%22%7D%2C%7B%22sd%22%3A%22DHPU_FloatBar_1x1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1032081%2FDHPU_FloatBar_1x1%22%7D%5D&pubid=729ce0ef-27ae-4112-a6f1-52cb2c548a08&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.8.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-8-164.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.heraldextra.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: zLn20fJNSp5fKHKiGmFrNo8R7KgWT75WZnynUsSI0te-yThoXF88_Q==
date: Wed, 06 Nov 2024 04:16:06 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 1032081 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 212ms
92ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1032081?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f98d2cb8597ed64c305f25c70c6b35ccd0ef6b0a5b904caf04cd31bef742f1b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EaZVrUn3x8AwpC9yO54jkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIHbXusjqD8SGCpdYHUG46BKrJxCr9lxiNQXi--susT4H4iKJK6xNQHy76QrrYyBm-HqFlQOIhbg52m-v3skmcODKM0UljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAazZEwQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EaZVrUn3x8AwpC9yO54jkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame FF48 0
0 156ms
70ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeAEcqAAAAAK5XIkpu68jcWoQdS6g3oG9oH2j1&co=aHR0cHM6Ly93d3cuaGVyYWxkZXh0cmEuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=14al25uz602

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8o3PM3How-1FKCM0kc6XaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldextra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8o3PM3How-1FKCM0kc6XaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 04:16:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 153ms
53ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Z3HN8E0HNS&gtm=45je4au0v9117979096z89119154933za200zb9119154933&_p=1730866566212&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1490747734.1730866567&ul=de-de&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730866567&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldextra.com%2F&dt=News%2C%20Sports%2C%20Jobs%20-%20Daily%20Herald&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2040
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3HN8E0HNS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldextra.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 168ms
50ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-Z3HN8E0HNS&cid=1490747734.1730866567&gtm=45je4au0v9117979096z89119154933za200zb9119154933&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3HN8E0HNS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldextra.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 113ms
54ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-Z3HN8E0HNS&cid=1490747734.1730866567&gtm=45je4au0v9117979096z89119154933za200zb9119154933&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=523225064

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 04:16:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
424 B 59ms
59ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=789624983&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldextra.com%2F&ul=de-de&de=UTF-8&dt=News%2C%20Sports%2C%20Jobs%20-%20Daily%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=868618446&gjid=1463796887&cid=1490747734.1730866567&tid=UA-92804485-1&_gid=1904127726.1730866567&_r=1&_slc=1&gtm=45He4au0n815XWNRNNv9119154933za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=1110139261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldextra.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.heraldextra.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 1234360754408901 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 95ms
94ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1234360754408901?v=2.9.176&r=stable&domain=www.heraldextra.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1eb307e17b5a7621460ad28f09f1f08545f135e3e8661f69a53191181d7e725

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-1SiDZPNs' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1SiDZPNs' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=69, mss=1297, tbw=67724, tp=-1, tpl=-1, uplat=53, ullat=0
pragma: public
x-fb-debug: lgOs/MoyHX4Bcep+9IBLtugXDCJCuHa+co6kr4v5+OHKYOekocWKJUDOENrOimOM7snQBU8oHO3BaVcfNDr9Aw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 AGSKWxUC3VG0eeoZKIQ2ZaA_ojY1_i7gSzWz1tcZxkeR_fHnLVa8XegvexG9ZF8aE25KF9yhuMucoUlmxNBnUvWdAoJREUzFizvSbgTSLvdm1_zsBM0ct2vFh1Hm26Ofpk4Pyj5y6Q8rqQ== Show response
fundingchoicesmessages.google.com/f/ 411 KB
62 KB 112ms
110ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUC3VG0eeoZKIQ2ZaA_ojY1_i7gSzWz1tcZxkeR_fHnLVa8XegvexG9ZF8aE25KF9yhuMucoUlmxNBnUvWdAoJREUzFizvSbgTSLvdm1_zsBM0ct2vFh1Hm26Ofpk4Pyj5y6Q8rqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwODY2NTY3LDIyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVyYWxkZXh0cmEuY29tLyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyO9FXQaj3ay2zcf2hEtVYN0PGvtQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e20b56cf14bb2eca10f752e71b8acb555eba3d4d8028c608345207ff992a6cef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AqvdC04cgK7NF2h0U9t-UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgdte6yOoPxIYKl1gdQbjoEqsnEKv2XGI1BeL76y6xPgfiIokrrE1AfLvpCutjIGb4eoWVA4iFeDjab6_eySbw4f3tfkYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAj-JATw"
content-security-policy: script-src 'report-sample' 'nonce-AqvdC04cgK7NF2h0U9t-UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 170ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1234360754408901&ev=PageView&dl=https%3A%2F%2Fwww.heraldextra.com%2F&rl=&if=false&ts=1730866567264&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730866567257.491469315756328874&cs_est=true&ler=empty&cdl=API_unavailable&it=1730866567088&coo=false&rqm=GET

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2966, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 349ms
224ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1234360754408901&ev=PageView&dl=https%3A%2F%2Fwww.heraldextra.com%2F&rl=&if=false&ts=1730866567264&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730866567257.491469315756328874&cs_est=true&ler=empty&cdl=API_unavailable&it=1730866567088&coo=false&rqm=FGET

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434015300671192940"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: TalBnRIElWhWpiVGjttL3aObNd8URj9MgS1aYnFVNaULfExJCeoRvGMlQ6bfzCuLoQlqec+EmeY+e3TYwY8tPw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434015300671192940", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=17, mss=1297, tbw=3284, tp=-1, tpl=-1, uplat=180, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 53c629183b7fa6ed9d0d18ab851e6ae1e05cf0b7bc Show response
butterbulb.com/submit/d40a86d3d8/ 303 B
775 B 206ms
86ms Fetch
application/json 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://butterbulb.com/submit/d40a86d3d8/53c629183b7fa6ed9d0d18ab851e6ae1e05cf0b7bc

Requested by

Host: detectdiscovery.com
URL: https://detectdiscovery.com/85c187d4390a42d5cd2a4a54fa20d7a9f7ee1c4a6684bac7e5aef981d6eebac9f1b32c57768ecbcd8a9e854b53b61c856bf0b6ed53baef8aa778a61b70ed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe5d6e842fae19d350de0be96a0490851e4cbc0984d7dea7b8f6edcb7135414

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.heraldextra.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-x1l3
expires: Wed, 06 Nov 2024 04:16:06 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8de2442e5fbe916a-FRA
access-control-allow-origin: https://www.heraldextra.com
x-buildnumber: 1507459579
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 78ms
69ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzKKCJ_eirEoHg0x_kw-rb21LJjzw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 04:16:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 04:16:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK election-1.jpg
ogden_images.s3.amazonaws.com/promos.ogdennews.com/images/2024/11/05092120/ 45 KB
46 KB 134ms
133ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/promos.ogdennews.com/images/2024/11/05092120/election-1.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5c82054db0e363f2e137d8c901c6bec5003ebf3f3e23668f9e3dab338b2252ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: Jn7tp3/4cd+CNtkCfYojm2xu1nbC0u5i1xN9JoBoai5MhHknrk88gFzmzPhABO7aU0IirNqxmHo=
Cache-Control: max-age=31536000
ETag: "05367ff8f166051bf5bbf02e6fb296f6"
x-amz-request-id: J9PZG6F7ZY3BJR80
Accept-Ranges: bytes
Content-Length: 46417
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Tue, 05 Nov 2024 14:21:21 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK provo-win-ONO-320x130-1.jpg
ogden_images.s3.amazonaws.com/promos.ogdennews.com/images/2023/03/13142605/ 54 KB
54 KB 136ms
136ms Image
image/jpeg 16.182.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogden_images.s3.amazonaws.com/promos.ogdennews.com/images/2023/03/13142605/provo-win-ONO-320x130-1.jpg
Requested by: Host: www.heraldextra.com
URL: https://www.heraldextra.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.98.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f15bc2be7ac626911e452637c18c0c958ba37ecff3e1d9f7f3d8a1468621e3d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

x-amz-id-2: ImJk3QEQwhbjPjpO+Z07e3X11D+j4RHPjRBp903SIXDwz5qbqOrnSAuDD4GT8SW75oncFTksTKU=
Cache-Control: max-age=31536000
ETag: "23e259070bfda8edfc83a47f7fc31c32"
x-amz-request-id: J9PX0SJ6ME2MB5MH
Accept-Ranges: bytes
Content-Length: 54845
Date: Wed, 06 Nov 2024 04:16:08 GMT
Last-Modified: Mon, 13 May 2024 18:26:06 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 13 KB
13 KB 50ms
49ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://fonts.googleapis.com/

Response headers

age: 564231
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:32:16 GMT
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12808
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 39ms
39ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.heraldextra.com
URL: https://www.heraldextra.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.heraldextra.com
Referer: https://www.heraldextra.com/

Response headers

age: 564466
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:28:21 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxVKMW2EHr_3XOAfP6RegiYb5UBgJPYy9eu7jOkGd-Zi1D0NVsSPTnOWUy2-f3RgRqZy2RnM1yEBpvOSgnHwR9jwt8s_AWfe3u6vPXBiOBelTmEf6V-s4i9EThgB6geFdTeWngMYug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 109ms
57ms XHR
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKMW2EHr_3XOAfP6RegiYb5UBgJPYy9eu7jOkGd-Zi1D0NVsSPTnOWUy2-f3RgRqZy2RnM1yEBpvOSgnHwR9jwt8s_AWfe3u6vPXBiOBelTmEf6V-s4i9EThgB6geFdTeWngMYug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-njnDOu2_6oubGNIey7DxbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldextra.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFov716J5vAhZ5Ne5mUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgbGhnoF5fIEBADJgKMs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-njnDOu2_6oubGNIey7DxbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.heraldextra.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKMW2EHr_3XOAfP6RegiYb5UBgJPYy9eu7jOkGd-Zi1D0NVsSPTnOWUy2-f3RgRqZy2RnM1yEBpvOSgnHwR9jwt8s_AWfe3u6vPXBiOBelTmEf6V-s4i9EThgB6geFdTeWngMYug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oXU7FHPpfTmQc3dioq7MUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldextra.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 04:16:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFov716J5vAhocfLjMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAFdAKU8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oXU7FHPpfTmQc3dioq7MUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.heraldextra.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 favicon.ico
www.heraldextra.com/wp-content/themes/oni_2021_daily/ 318 B
581 B 41ms
41ms Other
image/vnd.microsoft.icon 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldextra.com/wp-content/themes/oni_2021_daily/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: Apache/2.4.59 () PHP/7.4.33 /
Resource Hash: 07d29bcc40a5cedcbe61c7e9cf3ebc3dec33a39a4f0f2efde87aa83d56da3cf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.heraldextra.com/

Response headers

cache-control: max-age=2628000
content-encoding: gzip
etag: "13e-5dabb6910c700-gzip"
age: 266466
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 178
x-amz-cf-id: qDWvTtbDo4V9r-cmKkI44gLS-r1HJ8dq4G831K99ELzjEle8nH0Uuw==
date: Sun, 03 Nov 2024 02:15:01 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 21 Mar 2022 14:35:40 GMT
server: Apache/2.4.59 () PHP/7.4.33
x-amz-cf-pop: MUC50-P5
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heraldextra.com/	1970-01-21 10:23:46	Name: _ga_Z3HN8E0HNS Value: GS1.1.1730866567.1.0.1730866567.60.0.0
.heraldextra.com/	1970-01-21 10:23:46	Name: _ga Value: GA1.2.1490747734.1730866567
.heraldextra.com/	1970-01-21 00:49:12	Name: _gid Value: GA1.2.1904127726.1730866567
.heraldextra.com/	1970-01-21 00:47:46	Name: _gat_UA-92804485-1 Value: 1
.heraldextra.com/	1970-01-21 02:57:22	Name: _fbp Value: fb.1.1730866567257.491469315756328874
.heraldextra.com/	1970-01-21 10:16:34	Name: _awl Value: 2.1730866567.5-c2d1445ea100d27d850a951c62723637-6763652d6575726f70652d7765737431-0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ajax.googleapis.com
butterbulb.com
c.amazon-adsystem.com
cdn.jsdelivr.net
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
detectdiscovery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
harktheherald.com
heraldextra.com
ogden_images.s3.amazonaws.com
promos.ogdennews.com
region1.analytics.google.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.heraldextra.com
108.138.6.136
108.138.8.164
142.250.184.228
142.250.185.110
142.250.186.67
142.250.186.99
16.182.98.225
172.217.18.2
18.210.229.227
192.104.182.209
2001:4860:4802:32::36
216.58.206.67
2600:9000:2165:9800:8:48e:53c0:93a1
2606:4700::6812:186f
2606:4700::6812:196f
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42::485
54.230.228.29
72.44.44.12
99.86.4.71
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0748270e68f4b3defdd18247b35edbbb3e29c5600b643ae85467f19a40bb0cce
07d29bcc40a5cedcbe61c7e9cf3ebc3dec33a39a4f0f2efde87aa83d56da3cf5
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08c19ec190562f3078e2ad89f840a23315b57fec742d0906c8146b0b71eabee0
0ee0b109ff5dfaaa94bc0347df48c1c2a3a09dcea8fe49de2a5aac6ccb5551a2
154817f0d937e5e7fc5970a56687464e84d690e15e530d8e3f189869280c43e7
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
187b896cbdd2f419582d794e25ee47a92a21f0ca8eb23c584c8f2982912aa201
1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d376489c78a57ab22ae9aacfec24b47e8f3a2ba8731f7112fe21902baf83c40
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
23906409b3eb7a818df5a56c9741865f224424e54f1ec2d0559f0b615de84ae5
2874c01d56fdc903ed2b8a4d6efb16c569053f95ceca6aaefc83ab5d95f4b43d
2aa38f9689f47b8c0620ba023e4f88b244bd1645532d526a77e308bce3e4292d
3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
36f52d6a6ce83e65c786ac282183e3a3e846dd6d4bbacfe85ba2d5cef976f79a
3863ac02cb1e27847d312d0475826106b918dcbc97166a135aebd75ad3944802
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4492b66a0536317b7d4733328a3a37c60313b798f090ab7ea8c47a670cbdf2bf
4f5ea35260b7266427ca6fe13e0374d5fdd8584faba2af05480246bf79b78193
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5c82054db0e363f2e137d8c901c6bec5003ebf3f3e23668f9e3dab338b2252ee
5ce969b2d4f9239506f0210d2d48a549f1155cc04e082c8942b434d808f3bc08
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
62ff57476716465e15cf67ba66392e3c57d70aece0a5dd849f0a70a5327590c8
6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04
6c704fd62aac550792ac96b7352b6cbb212a8bb42ca1eaa6a6400428e5e79d61
6d57f608a733bc3af253e3b75bda92c747c351b01cbcbb4ee3ce18f4a04df155
6f0894af3ffa15f5a3f58a4126b29f9c46661c0d93e1ff5f1a2cffc416b43a27
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7178cc3e76decbf8b2438933443acdc43a1239bcf726fc8da1fd12570f61be96
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
782e94834eac92382e269b11dbee1cec9f911fe671c7c687aa21aebdb61706b5
7c5775430a3bf26e088aee6474fc3df297debf4aa014a46c56258428c23e17b3
7f98d2cb8597ed64c305f25c70c6b35ccd0ef6b0a5b904caf04cd31bef742f1b
87862bda3691512df7e3198d6b3430f4d3d231f032e704bfc729f7e2012ca014
918a6605a30759293b94242a84a0da24dcaae3576c30d4fedbd0c854da459b8e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9ee45f81a8c5917bb6e453cf6aa4fef329ef375b784b6b9e8e91111f378e3646
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe5d6e842fae19d350de0be96a0490851e4cbc0984d7dea7b8f6edcb7135414
ae444a65fcd024ad0b5fbbc30020a04df273e784f48d6086f2b5a328cbdf1520
af5459702687bcef4d8491c8707ab12115aba5ef4062eb32b0a4907c63c7d52a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b40ab30e2cf23e1b4f462e32e084566e4d7f7a6eba9a85d641e645dc01980d7a
ba650dd9978df52aa46d7116cac01b535f02702c3e944b42a6386389ff0f980a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c32feb0b2794d622e7fcd8fe31922ec811d1aff3265d1b438f4d8ce093549750
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6b78f4fcdbb784b73ca87a2ebc2b5a0b609eaacfe577b66297c70c818d41b7f
ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757
cc6995c745b27b376df0e73b8ea24c28cb83048ab37a8a6e460f7f5f656ec184
d1eb307e17b5a7621460ad28f09f1f08545f135e3e8661f69a53191181d7e725
d398d44ee07aa24f2903c61cf3510d7245896e7e0098bdc380f5562c8e51b04b
d49ff0336aaa35bb4a1194b9461cc84ff15609d948892d3e5afc887ed18d04ad
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df739fc671fb672ec8056d59aad345e15fb32b1f6417db2ec30de96d4af5065d
e20b56cf14bb2eca10f752e71b8acb555eba3d4d8028c608345207ff992a6cef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94e7f9dc17a393590c8cad01a7380d50e669cc767ae8c132b45a6c61cf9aee7
e9bf7e72a7a3b048057d71b218cc35b4091e3da118479b9a6f239c23533b2e8f
eb4cf654ef3f5cb2d6a5665deaa36a48ba3b2f26638d8e425bf7b55eebfd0e3e
eb66a3807316801bcea37697d7af86a86345dfe48f335e7f804f73df1a85fc5e
ee6c73e7b6411ca53da807d5e87281ef11c32f665cd16e5b4faddb39e5aca5e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15bc2be7ac626911e452637c18c0c958ba37ecff3e1d9f7f3d8a1468621e3d6
f27a98f4565c914ccda5a42cf1960798de70a0386a3e8f423897a1afac3abe17
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9
fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d

www.heraldextra.com Open in urlscan Pro 54.230.228.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

50 %IPv6

19 Domains

27 Subdomains

26 IPs

3 Countries

2834 kBTransfer

6217 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldextra.com Open in urlscan Pro
54.230.228.29 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

27
Subdomains

26
IPs

3
Countries

2834 kB
Transfer

6217 kB
Size

6
Cookies

105 HTTP transactions
0 data transactions