www.heraldweekly.com Open in urlscan Pro
2600:9000:275d:8200:2:900c:c500:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Submission: On May 16 via api (May 16th 2024, 1:32:32 am UTC) from LU — Scanned from DE

Summary HTTP 53 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 2600:9000:275d:8200:2:900c:c500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.heraldweekly.com. The Cisco Umbrella rank of the primary domain is 777600.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 24th 2023. Valid for: a year.

This is the only time www.heraldweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2600:9000:275... 2600:9000:275d:8200:2:900c:c500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:4e00:2:3f6e:e9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:440... 2606:4700:4400::ac40:936c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
1 3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:5400:11:1ed0:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:2f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1f18:c3a... 2600:1f18:c3a:ef50:401:8f22:e439:5ef7	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.65 18.245.31.65	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.250.10.111 34.250.10.111	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	17

22 2600:9000:275d:8200:2:900c:c500:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bundle.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:4e00:2:3f6e:e9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

user.cortexmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:936c (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:5400:11:1ed0:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2f5 (United States)

ASN13335 (CLOUDFLARENET, US)

api-stagingtwo.cgstatic.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:c3a:ef50:401:8f22:e439:5ef7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cmgl.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.10.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-10-111.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	heraldweekly.com www.heraldweekly.com — Cisco Umbrella Rank: 777600 bundle.heraldweekly.com cmgl.heraldweekly.com	544 KB
12	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 8083	283 KB
4	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 308 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 630	7 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1612 a.ad.gt — Cisco Umbrella Rank: 2168	5 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1095 bcp.crwdcntrl.net — Cisco Umbrella Rank: 983	12 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 968	27 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2071	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1126	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	306 B
1	cgstatic.info api-stagingtwo.cgstatic.info	965 B
1	cloudfront.net d3div1mtym39ic.cloudfront.net	67 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 29976	608 B
1	cortexmg.com user.cortexmg.com — Cisco Umbrella Rank: 68620	458 B
53	13

	Domain	Requested by
21	www.heraldweekly.com	www.heraldweekly.com
12	cookie-cdn.cookiepro.com	www.heraldweekly.com cookie-cdn.cookiepro.com
3	cmgl.heraldweekly.com	bundle.heraldweekly.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	id.hadron.ad.gt	cdn.hadronid.net
1	a.ad.gt	cdn.hadronid.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	www.heraldweekly.com
1	cdn.hadronid.net	www.heraldweekly.com
1	tags.crwdcntrl.net	www.heraldweekly.com
1	secure.cdn.fastclick.net	www.heraldweekly.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	api-stagingtwo.cgstatic.info	www.heraldweekly.com
1	d3div1mtym39ic.cloudfront.net	www.heraldweekly.com
1	bundle.heraldweekly.com	www.heraldweekly.com
1	rt.ad-score.com	www.heraldweekly.com
1	user.cortexmg.com	www.heraldweekly.com
53	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.lifestyle-a2z.com
www.domesticatedcompanion.com
www.daily-stuff.com
www.daily-choices.com
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
*.heraldweekly.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
*.cortexmg.com Amazon RSA 2048 M02	`2024-05-01` - `2025-05-29`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2024-02-18` - `2024-12-31`	10 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cgstatic.info E1	`2024-05-15` - `2024-08-13`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
a.ad.gt E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Frame ID: 2AB7E05618469D2C97B56897065510FF
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Celine Dion Lost An Undisclosed Amount of Weight - Celebs and Their Awesome Transformations

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

973 kB
Transfer

2954 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FollowHeraldweekly/

Search URL Search Domain Scan URL

URL: https://www.lifestyle-a2z.com/celebs-and-their-awesome-transformations/
Title: lifestyle-a2z.com

Search URL Search Domain Scan URL

URL: https://www.domesticatedcompanion.com/

Search URL Search Domain Scan URL

URL: https://www.daily-stuff.com/

Search URL Search Domain Scan URL

URL: https://www.daily-choices.com/

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2 Show response
www.heraldweekly.com/celebs-and-their-awesome-transformations/ 168 KB
48 KB 237ms
190ms Document
text/html 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.25.3 /

Resource Hash

e8e86d0a632a480bc0664477ce022a897b6073f9fbb632585cc32cb16ff071ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

cache-control: max-age=172800, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 May 2024 01:32:27 GMT
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/" <https://www.heraldweekly.com/?p=139303>; rel=shortlink
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
server: nginx/1.25.3
vary: Accept-Encoding
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-id: b5TqZrM5fmnQNu2fAoDP8abPbUialXo62Z52Daiq7MCINtkXZ9sz8A==
x-amz-cf-pop: FRA56-P11
x-backend-server: www.heraldweekly.com
x-bypass-reason: Unknown
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-proxycache-key: P=x-v;A=;H=www.heraldweekly.com;U=/celebs-and-their-awesome-transformations/2;M=GET;D=d--;G=DE|;
x-proxycache-status: MISS
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 style.css
www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/ 134 KB
18 KB 9ms
8ms Stylesheet
text/css 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/style.css?abid=v1@www&v=7645f5eccd7538c636348c045469bd7a
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: de8de4dbf1d9ce2c3187501cd37c3a78f77abd44f8206eab3e60590820ac5649

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: gzip
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317801
etag: W/"6603d3f2-2190c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: IMyhKk9KR11FRtYPG6SVHlXxmS4_l3qNauGA-UXUSIyquY9wayD1YA==

GET
H2 200 icomoon.woff2
www.heraldweekly.com/wp-content/themes/cortado/fonts/ 2 KB
3 KB 12ms
11ms Font
application/octet-stream 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/fonts/icomoon.woff2?abid=v1@www&v=359ec393f40074c58cf3871647be0399
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: e3c26c91b451af9063bf5a68a3167595ef2c18e472468f7d5a2a5c3fa9ed69be

Request headers

Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Origin: https://www.heraldweekly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: gzip
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 317801
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-bypass-reason: Unknown
x-proxycache-key: P=x--;A=;H=www.heraldweekly.com;U=/wp-content/themes/cortado/fonts/icomoon.woff2;M=GET;D=---;G=|v=359ec393f40074c58cf3871647be0399;
x-proxycache-status: MISS
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
etag: W/"6603d3f2-94c"
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=172800, private
x-amz-cf-id: ku2ORqqvojbn4rqcOWdJ_DsBeqUgWp8pOle6-VsPYeRJaovVxlvVOw==

GET
H2 200 header.min.js Show response
www.heraldweekly.com/wp-content/themes/cortado/js/ 11 KB
4 KB 13ms
12ms Script
application/javascript 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/js/header.min.js?abid=v1@www&v=7dc46dc57c3b0ba72bee43a124a5f73b
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: ad6c101ff73464e2477aaaf218fbd1990ae2fae33fce6ba1cacdc0714239817f

Request headers

Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Origin: https://www.heraldweekly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: br
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317801
etag: W/"6603d3f2-2c57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: H61w5PT1LaLiBRshzTRA5YrTTCOEGC-MThpHb7FBzNS6Hmk7gF2ZyA==

GET
H2 200 footer.min.js Show response
www.heraldweekly.com/wp-content/themes/cortado/js/ 85 KB
19 KB 14ms
13ms Script
application/javascript 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/js/footer.min.js?abid=v1@www&v=7bce4809d4d7f03c2e1eaacdc46b273d
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: 24934774200c98f32ee7a12d7c7a2cafd23f5f6151e280815318a11eecc35265

Request headers

Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Origin: https://www.heraldweekly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:47 GMT
content-encoding: br
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317800
etag: W/"6603d3f2-155a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: 1ABAihYK-yovLWzC-ddCNW9SJm6NQKv_TopkOS2kNiFM8_m0kHQ8Tg==

GET
H2 200 jquery.js Show response
www.heraldweekly.com/wp-content/themes/cortado/js/ 86 KB
30 KB 9ms
8ms Script
application/javascript 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/js/jquery.js?abid=v1@www&v=7be0da72eb78d85711e2bdf958c1e8c0
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: b2ab7bf1d5cfb6a51556c68ddccd82dc79c89db06826245ede28a4222d94f77d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: br
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317801
etag: W/"6603d3f2-1585c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: wMv92lZhsTLrNC1lRjksAW1tsOM25L9a3kLsALZZiGTf4scar8IDvg==

GET
H2 200 info.js Show response
user.cortexmg.com/ 183 B
458 B 59ms
8ms Script
text/javascript 2600:9000:2240:4e00:2:3f6e:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user.cortexmg.com/info.js?mode=5
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4e00:2:3f6e:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ace2d4983b59e75e59769e8b1a19ae3bc8e1353309ce02db7d148c831ff9d54b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 05:34:52 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
age: 16401455
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
content-length: 183
x-amz-cf-id: nEPni1Iuy3YmH3pVLY2MXqZEQOmty8dcNtt7Y-eLihfSRe7_yhAILA==

GET
H2 200 style.css
www.heraldweekly.com/wp-content/themes/cortado/ 66 B
431 B 10ms
9ms Stylesheet
text/css 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/style.css?ver=2.6.1
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: 2e6a950ac4f738dc0282dbb7fcc2f4d30e02e2f158273a966cf18da9673b7ff7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:45 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317802
etag: "6603d3f2-42"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=172800, private
accept-ranges: bytes
x-backend-server: www.heraldweekly.com
content-length: 66
x-amz-cf-id: -Nzc2Am4F9fEqw5GqjWBSnyX3jJJUYEDzFJ9mvOrVZWfovBMWXyKIg==

GET
H2 200 styles.css
www.heraldweekly.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 11ms
10ms Stylesheet
text/css 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: gzip
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 14:55:57 GMT
server: nginx/1.25.3
x-amz-cf-pop: FRA56-P11
age: 317800
etag: W/"64e4cc7d-6cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: JfYI_CfjEOVBiROV2CSg0ZS6BGGaAey7x0nB8ZB1RRZ8a231pyi3Dw==

GET
H2 200 main Show response
www.heraldweekly.com/wp-json/cmg-replay/ 1 KB
1 KB 14ms
14ms Script
text/javascript 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/wp-json/cmg-replay/main?mode=front;220182d437e4612391e10448ebda5973

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.25.3 /

Resource Hash

e4414dd59ff7a194c921fd75f060c53f3e2eba6d5a111519bb8589c51ff66dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 317390
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-proxycache-key: P=x-v;A=;H=www.heraldweekly.com;U=/wp-json/cmg-replay/main;M=GET;D=d--;G=DE|mode=front;220182d437e4612391e10448ebda5973;
x-bypass-reason: Unknown
x-proxycache-status: MISS
server: nginx/1.25.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=172800, private
x-robots-tag: noindex
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: oX0BiF-ZlR4IGw9LTvlaexEJ1p7sqLFVkaa4eo3w3MYzDV9M19Sa2g==

GET
H2 200 sfn_1670412653-Celine-Dion-Celebs-and-Their-Awesome-Transformations.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_c95164f9b96f172d03eedb6d4474466d/ 75 KB
76 KB 15ms
15ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_c95164f9b96f172d03eedb6d4474466d/sfn_1670412653-Celine-Dion-Celebs-and-Their-Awesome-Transformations.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e5c20a78adb09d24019bec7ff5c441b9f0a55123aacb2981006237ae7ea8da2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:36:43 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 64545
etag: "cf79012f01fffa8ff5c0cc7364da4b30"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 76942
x-amz-cf-id: FWv6ay6W0XqdjBlh6_nrcPLr3U53VGfKWjVoUpFFHzga3baxJ3jffw==

GET
H2 200 sfn_1670412653-BeFunky-collage-Kelly-Rowland-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_74aeb9b9f1bbb89b0a2a204c25711a36/ 76 KB
77 KB 17ms
17ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_74aeb9b9f1bbb89b0a2a204c25711a36/sfn_1670412653-BeFunky-collage-Kelly-Rowland-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6531e8bcbcc5d2a2acda7a1c7c344fd53df4e965c17429193f9689e5413e7dcd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:36:43 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:51:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 64545
etag: "6dfa031a98fe167df3c2d6d37ead4e52"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 77914
x-amz-cf-id: 1A6QSCp3k-NZ6ToW5M49aE7-ucEcBqTIayTKPsDpacPnJXg4ym2Z7w==

GET
H2 200 sfn_1670412653-BeFunky-collage-Melissa-Joan-Hart-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_ac6e52f6ef0e943520e546ba11e7111e/ 79 KB
79 KB 9ms
8ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_ac6e52f6ef0e943520e546ba11e7111e/sfn_1670412653-BeFunky-collage-Melissa-Joan-Hart-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 784bf12a8eba0f1cca6500e25bdcc6b0bbc13a0c07fec8113822f56b36cd8fc0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:36:43 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:51:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 64545
etag: "925306b2bb8d480b4f6246b244fbebc5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 80500
x-amz-cf-id: e1hTMPY9bc4xDlRHj9r8d7LQLdtKAePLAhrjoVgCKPYa3GjCd9zwBQ==

GET
H2 200 sfn_1670412653-Beth-Chapman-Celebs-and-Their-Awesome-Transformations-Lost-30-Pounds-1.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_f0f88c04f37cfef78855882cfc1e2c0f/ 59 KB
60 KB 14ms
13ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_f0f88c04f37cfef78855882cfc1e2c0f/sfn_1670412653-Beth-Chapman-Celebs-and-Their-Awesome-Transformations-Lost-30-Pounds-1.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ad0b9c797b1c2281a5bf52a6950b2f519449903f608391f1ba0e01c7d224938

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:36:43 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:51:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 64545
etag: "8fec69d5938b2350c7cc48ba434caf67"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 60556
x-amz-cf-id: HbkwP5xQldgEoVB7lfi5M4mRZgLKRiOVzR1jQh-NlW70kYU2PppdgA==

GET
H2 200 sfn_1670412653-BeFunky-collage-Queen-Latifah-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_6c60e534c9cf025b50dc68a2ea36ad69/ 54 KB
54 KB 16ms
14ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/139303/rid_6c60e534c9cf025b50dc68a2ea36ad69/sfn_1670412653-BeFunky-collage-Queen-Latifah-Celebs-and-Their-Awesome-Transformations-scaled.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfb6675f2c94f1c979daa4c42467c44555018423b516ae7dbd013fdf18020e8b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 16:54:54 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:51:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 37953
x-amz-server-side-encryption: AES256
etag: "c14e564cc46377c633f3185a8a225752"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 55244
x-amz-cf-id: MykujdDn6XNms8NkkSR5VqOFE_B21W_tz3lQI5Skpwf1adMIcj2lFA==

GET
H2 200 logo-h60-w300.png
www.heraldweekly.com/wp-content/uploads/2019/06/ 4 KB
4 KB 10ms
9ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/logo-h60-w300.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d37117c0d1def0732213cb1209a9d5120eaaa7f39ef1b60dad325b15db70d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 09:15:50 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 59204
x-amz-server-side-encryption: AES256
etag: "b2484f6c89cbd9cfac55e627fe01e6a8"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 3996
x-amz-cf-id: YtXnrPa8XdjAhAritDmzHOibElIAQ4mDqZF2s9fEt8JUak50AxbVcA==

GET
H2 200 logo-dc-small.png
www.heraldweekly.com/wp-content/uploads/2019/01/ 2 KB
3 KB 11ms
10ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/01/logo-dc-small.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b0be6d18e238dc3e35530df2042ffd46acce39d3336efe2b318b9a02e6111e5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 09:15:50 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 63291
x-amz-server-side-encryption: AES256
etag: "156436f91983154001fbd724a3591ae1"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 2246
x-amz-cf-id: gNvdm9Z9sG8xdHnEexuhWnHLeVygs5tmtuL0NTtk75MZUF-KD-Ym2Q==

GET
H2 200 ds-logo-300x60-1.png
www.heraldweekly.com/wp-content/uploads/2020/11/ 3 KB
3 KB 12ms
11ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/11/ds-logo-300x60-1.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0cf3ca5886b5dcfceb139f557b4b539b41528acce60f974a36a56f584e86f6c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 09:15:50 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 59232
x-amz-server-side-encryption: AES256
etag: "a89765928658f20e367db1179469988c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 2976
x-amz-cf-id: b1qbudEpvQPKmG0aytH5f4-0bQLdRIdFXtR96wQzYmbKuRixrb61Qg==

GET
H2 200 logo.png
www.heraldweekly.com/wp-content/uploads/2019/01/ 4 KB
4 KB 13ms
12ms Image
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/01/logo.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05fb4ada94f6bb3475806bd6a7ea4645a3d6175ec872adc723176120caf755f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:58:10 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 63258
x-amz-server-side-encryption: AES256
etag: "c50fe9ecc5733067d53a46568c4c12b4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 3990
x-amz-cf-id: BcpJKmcTUe6wby5bEEuLS8wsV-EirIc971j7oD3NPNBJiAe4hJdxdA==

GET
H2 200 webpage_view
www.heraldweekly.com/nunchaku/kusari/ 0
667 B 210ms
210ms Stylesheet
text/css 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/nunchaku/kusari/webpage_view?v=p@heraldweekly.com@82@2024-05-12_09-15-37@743@www.heraldweekly.com&type=css
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:32:27 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA56-P11
etag: 1715823147.776092
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: gcLtQk9hM2LtnH3aZitumKA5kL0HRcHK3-Tfoiy5EUxRShGBzb1KFg==
expires: 0

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 61ms
20ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 22222
x-ms-lease-status: unlocked
last-modified: Thu, 09 May 2024 00:28:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5e57c83-501e-0063-3bae-a1b647000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d30da4830c4-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/v2/score/ 53 B
608 B 470ms
119ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/v2/score/cors?s=1&callback=PMRT&v=7e01bc9&cb=0.6842948645844857&pid=1000305&tid=www.heraldweekly.com&l1=undef&l2=undef&l3=www.heraldweekly.com&l4=undef&l5=rt&uid=pmu-QuRKLqUHOPOQMaKQ07tdC165Cn0N&tt=lowcontent
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 8a5eb0a23bb6e5a6b664cdcfcab1964cce731413a2ee52d4782e4c6b2f8b79f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 May 2024 01:32:28 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.heraldweekly.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 53

GET
H2 200 app.webpack.js Show response
bundle.heraldweekly.com/bundle/v10_20/ 173 KB
54 KB 24ms
7ms Script
application/javascript 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bundle.heraldweekly.com/bundle/v10_20/app.webpack.js?v=p@heraldweekly.com@82@2024-05-12_09-15-37@743@www.heraldweekly.com
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bc55d1c9293ff6d31191015985586464a46d97732b7013bc1e082abc4c7afcc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:47 GMT
x-amz-version-id: cH7nXVQsFkSJ4fWlRpm9.UG7YnczBu.M
content-encoding: gzip
last-modified: Wed, 24 Apr 2024 13:33:26 GMT
server: AmazonS3
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
etag: W/"eac2d22c5ee58b4e28027c2f70d82fde"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
age: 317801
x-amz-cf-id: Wgy15okikLaPQE47RGYR4Vbwu7dMgaIfMrx0h3ZqfkFjZxUyoTtPyw==

GET
H2 200 icomoon.woff2
www.heraldweekly.com/wp-content/themes/cortado/fonts/ 2 KB
3 KB 8ms
8ms Font
application/octet-stream 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/fonts/icomoon.woff2?v=minified
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/style.css?abid=v1@www&v=7645f5eccd7538c636348c045469bd7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: e3c26c91b451af9063bf5a68a3167595ef2c18e472468f7d5a2a5c3fa9ed69be

Request headers

Referer: https://www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/style.css?abid=v1@www&v=7645f5eccd7538c636348c045469bd7a
Origin: https://www.heraldweekly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Sun, 12 May 2024 09:15:46 GMT
content-encoding: gzip
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 317801
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-bypass-reason: Unknown
x-proxycache-key: P=x--;A=;H=www.heraldweekly.com;U=/wp-content/themes/cortado/fonts/icomoon.woff2;M=GET;D=---;G=|v=minified;
x-proxycache-status: MISS
last-modified: Wed, 27 Mar 2024 08:08:18 GMT
server: nginx/1.25.3
etag: W/"6603d3f2-94c"
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=172800, private
x-amz-cf-id: 4-8hjnBgkZBgTXqV0cUHY_Htji27WfL09OMh72D6MXzhY8ThB9uNtA==

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

303 KB
67 KB

48ms
10ms

Script
application/javascript

2600:9000:236e:5400:11:1ed0:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Server: 2600:9000:236e:5400:11:1ed0:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:20 GMT
content-encoding: br
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 20:29:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 8
x-amz-server-side-encryption: AES256
etag: W/"299fe111f64c76143769e50e3f9edd6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8et3rAzNoy_te8g7784J2TNUtONbJA_ZVJ2PbnP0U-tLtUuUH5ANbQ==

Redirect headers

date: Wed, 15 May 2024 21:43:22 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 13745
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: yvdb6kh1aXUlLwjCluvfPIFyJb_6gDEhJWbVunc1KKxgvAPW479u3Q==

GET
H2 200 webpage_crossdomain
api-stagingtwo.cgstatic.info/nunchaku/kusari/ 68 B
965 B 232ms
199ms Image
image/png 2606:4700:20::681a:2f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-stagingtwo.cgstatic.info/nunchaku/kusari/webpage_crossdomain?brUID=a31adb62-9893-0a87-3747-4dabdaef7f91&sid=5322282634147
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=pixel1x1.png
alt-svc: h3=":443"; ma=86400
content-length: 68
pragma: no-cache
last-modified: Sun, 12 May 2024 12:33:30 GMT
server: cloudflare
etag: 1715823147.8539622
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S20fHmlReyC9nep7xDH50s3KP1W0b6GHIgTUyE0RynnrUVmPK9u6YKkn0eGVI4VjsccrPlG9NU211yZDLC9uV%2FZAX5DfGE1Oz8kIVK%2F%2FWmjl7DAlRn3%2BC8%2FkRq5RhIebqJQFaIOFpCSX8F0CTGXWmqmBGQdXfLeDculL"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 88479d312ece2bc0-FRA
expires: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aef90e7d69b5e2f11d1d6ece7603f9fe55d28db0c38c8c66c4e647150b0fdc9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e2d1040d-5b13-4339-9111-bce7a5da03da.json Show response
cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/ 5 KB
2 KB 45ms
28ms XHR
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/e2d1040d-5b13-4339-9111-bce7a5da03da.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ce1c7639b4965355fe11b620d10e2dbcc2f100a5f05a802a78e554bf02dc36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 8MlUbvjATcmdSMg3q/g2bw==
age: 21701
x-ms-lease-status: unlocked
last-modified: Sun, 28 Jan 2024 11:36:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d563c70e-201e-0034-6b7b-751874000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d311aeb8edb-FRA

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
256 B 438ms
210ms Ping
text/html 2600:1f18:c3a:ef50:401:8f22:e439:5ef7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=webpage_view&__logID=d797a516-3cfc-76f7-53b6-679c50c63134
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v10_20/app.webpack.js?v=p@heraldweekly.com@82@2024-05-12_09-15-37@743@www.heraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:401:8f22:e439:5ef7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:32:28 GMT
server: nginx/1.24.0
etag: 1715823148.0724328
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
257 B 331ms
104ms Ping
text/html 2600:1f18:c3a:ef50:401:8f22:e439:5ef7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=wp_ready&__logID=d06b68e0-13c0-a1cf-8a90-fc5262459402
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v10_20/app.webpack.js?v=p@heraldweekly.com@82@2024-05-12_09-15-37@743@www.heraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:401:8f22:e439:5ef7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:32:27 GMT
server: nginx/1.24.0
etag: 1715823147.9665453
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 45ms
26ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 88479d316c45372d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/ 426 KB
99 KB 28ms
28ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 3zwKFeg02sA5dMnkMN3c/A==
age: 22220
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 11:36:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e048fcdb-401e-0071-54bc-2fde66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d319a9830c4-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 1326ecb8-453d-4895-a55f-8ba968e408d5 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 32ms
6ms Script
application/javascript 18.245.31.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/1326ecb8-453d-4895-a55f-8ba968e408d5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: cea6b2e3afe61e526c5d722de9324ad9a6dde0f6d59d0b241c04da3ae156c505

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 00:33:22 GMT
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 3545
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: qMENhjwRc50iC-pEJCUciPRr2hc-MxH_lzK_MJfgmStVGJVj9R-NPg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 7ms
7ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldweekly.com&pubid=1326ecb8-453d-4895-a55f-8ba968e408d5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: f78bafa10bd58376e2b2f225c024454183dba2b2d9fe62645e21436a89432c0a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 21:03:01 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 16165
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldweekly.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2196
x-amz-cf-id: eIPMpFgjtrgSbLhc7BJ7xBsUZFiZYsML0lNf2gncuYpWOh1v9aYBtw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 16 May 2024 01:25:08 GMT
x-amz-cf-pop: FRA56-P6
age: 601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9S4BxkG9HUoNwb5tDkmena91eO9U_0-DndqTSKO4k7vWIzQY6pXejA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 38ms
8ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:27 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 16 May 2024 01:47:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 45ms
7ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 18:10:07 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 26541
x-amz-server-side-encryption: AES256
etag: W/"0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2K5pmR0tandYGyeO7q5ocgjVOjSnBtqCn5MGGFqigKjAUF6ZRMUeCg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 53ms
21ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.heraldweekly.com%2Fcelebs-and-their-awesome-transformations%2F2%3Fxcmg%3D1&ref=&_it=amazon&partner_id=614
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:27 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
server: cloudflare
x-amz-request-id: GPA71GZPJYF3GMCR
age: 1426
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 88479d31fc199f16-FRA
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
expires: Tue, 26 Mar 2024 00:23:56 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 46ms
18ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 12:31:06 GMT
server: cloudflare
x-amz-request-id: Y1WNHRZJC8ZPNPNK
age: 687
etag: W/"975872beea6fa436507d8a74321584b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 88479d31ed129b5b-FRA
x-amz-id-2: xGCyjisIGNuxa24ZBbubhAFnoNtEUl4RYLrxS1L4jjDpUUxl1x2o9idNnewui62TvtYoxzdHhzI=

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/de45b34a-3d5f-4461-b106-b315a5e39cc4/ 172 KB
32 KB 27ms
26ms Fetch
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/de45b34a-3d5f-4461-b106-b315a5e39cc4/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e0a8f8a22e2359d26e9aefd148a5d8b8235a926bd72632b36c56f789dbfa1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: GErN9PihH04Bwq+E4rhdcw==
age: 31132
x-ms-lease-status: unlocked
last-modified: Sun, 28 Jan 2024 11:37:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 536aaeed-201e-0046-1670-711f3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d31db438edb-FRA

GET
H2 200 iab2V2Data.json Show response
cookie-cdn.cookiepro.com/vendorlist/ 571 KB
74 KB 31ms
31ms Fetch
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/vendorlist/iab2V2Data.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987c4f96c3464eb5d2666ee8634df311145d7e5028560c7f28b6a7c0da6094a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: nVLwPMjkSjGZ3b0OJfP2ew==
age: 35286
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 13:00:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 388db295-a01e-0005-151c-a6f967000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d31eb448edb-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 otTCF.js Show response
cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/ 39 KB
12 KB 20ms
19ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otTCF.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: hm3OoSxk2AlRMovgolMY2Q==
age: 22219
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 11:36:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e29059d2-701e-006a-32bc-2fe065000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d31dab530c4-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 98ms
30ms XHR
application/json 34.250.10.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.10.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-10-111.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 933529218bbda269d977960ac90393a2b876667efc295dd939af6ecf0e942de2

Request headers

Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:32:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.heraldweekly.com
cache-control: no-cache
x-server: 10.45.13.116
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 101 B
291 B 103ms
103ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=614&sync=0&domain=www.heraldweekly.com&url=https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.heraldweekly.com%2Fcelebs-and-their-awesome-transformations%2F2%3Fxcmg%3D1&ref=&_it=amazon&partner_id=614
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b028208aba379efe84c19275809b9c2c7d4c53845af608b013985b176ebfbb

Request headers

Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 May 2024 01:32:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 88479d331ff49a12-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ 0
0 152ms
105ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=614&sync=0&domain=www.heraldweekly.com&url=https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heraldweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 88479d327fbe9a12-FRA
content-length: 0
content-type: application/json
date: Thu, 16 May 2024 01:32:28 GMT
debug: OPTIONS block
expires: Fri, 16 May 2025 01:32:27 GMT
server: cloudflare

GET
H2 200 otCenterRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/ 9 KB
3 KB 24ms
23ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/otCenterRounded.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: oYt+EDUnaeOgBEWKs5v3Eg==
age: 35284
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 11:36:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4c1f4898-201e-000b-355b-75d0d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d327b8a8edb-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/v2/ 62 KB
14 KB 22ms
21ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: PV7Y7lcwNLcROEFo5k3N7g==
age: 26505
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 11:36:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e0490963-401e-0071-6fbd-2fde66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d327b8c8edb-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/ 21 KB
4 KB 20ms
20ms Fetch
text/css 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 21471
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 11:36:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c0a154d5-d01e-0063-1475-30a5b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d327b8d8edb-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 cropped-favicon-32x32.png
www.heraldweekly.com/wp-content/uploads/2019/06/ 918 B
1 KB 8ms
7ms Other
image/webp 2600:9000:275d:8200:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/cropped-favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8200:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 069598748371e0a1a52a4d202d363862f5b7bf0e52e7b99f1961fb54acd1fa3c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Wed, 15 May 2024 09:22:57 GMT
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:50:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 59565
x-amz-server-side-encryption: AES256
etag: "f75e3c44011e0b050bbb361872666b61"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 918
x-amz-cf-id: _WjXtXoQRpVAcoS7qDLGeOy2ebEbdxL-aTG6wNq4qw0DOoAsxO-MAg==

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
255 B 187ms
187ms Ping
text/html 2600:1f18:c3a:ef50:401:8f22:e439:5ef7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=dom_loaded&__logID=bb4a6695-ed23-b11c-d509-1fe3ae48f26f
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v10_20/app.webpack.js?v=p@heraldweekly.com@82@2024-05-12_09-15-37@743@www.heraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:401:8f22:e439:5ef7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:32:28 GMT
server: nginx/1.24.0
etag: 1715823148.074909
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 ot_guard_logo.svg Show response
cookie-cdn.cookiepro.com/logos/static/ 497 B
473 B 18ms
18ms Fetch
image/svg+xml 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 4221
x-ms-lease-status: unlocked
last-modified: Thu, 09 May 2024 00:28:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 84410c77-201e-000b-2b36-a2d0d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d32ab978edb-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 33 KB
33 KB 21ms
21ms Image
image/png 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7a4433b13c8343bcdd960799292dbf550667e323682ed710f44b7a81cdbce09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: IipuN9Einq/0wIZw6VIt/g==
age: 11904
cf-polished: origSize=36419
content-length: 33302
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Thu, 09 May 2024 00:28:12 GMT
server: cloudflare
etag: 0x8DC6FBEE9217D1D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 24698582-d01e-006d-665b-a29ff7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88479d32bb0b30c4-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: uInNdQwuuw8s7lYl3cE7eQ==
age: 35907
x-ms-lease-status: unlocked
last-modified: Thu, 09 May 2024 00:28:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f06f8d9d-501e-0001-1626-a27460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88479d32bb0e30c4-FRA
expires: Fri, 17 May 2024 01:32:27 GMT

GET
H2 200 614 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 644ms
626ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/614?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.heraldweekly.com%2Fcelebs-and-their-awesome-transformations%2F2%3Fxcmg%3D1&ref=&_it=amazon&partner_id=614
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f3f9fb67f62ddc5d6eb45164ba0f08cdaf43a8208d3e604e61d4679a2cce13

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 10323.67.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.209 Safari/537.36

Response headers

date: Thu, 16 May 2024 01:32:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 01:28:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 88479d33efdd3a7e-FRA

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldweekly.com/	1970-01-21 05:22:39	Name: __country_iso Value: DE
.heraldweekly.com/	1970-01-21 05:22:39	Name: brUID Value: a31adb62-9893-0a87-3747-4dabdaef7f91
www.heraldweekly.com/	1970-01-21 05:22:39	Name: brUID Value: a31adb62-9893-0a87-3747-4dabdaef7f91
www.heraldweekly.com/	1970-01-21 05:22:39	Name: cmg_test_item Value: 1
www.heraldweekly.com/	1970-01-21 06:13:03	Name: CONSOLE_LOG_STATUS Value: %22DISABLED%22
.heraldweekly.com/	1970-01-20 20:38:29	Name: ctxpxl Value: "pv:1\054sid:ab84cbea-9ecc-42ba-8030-96543da07dad\054user_id_actual:2a01..4a0..5a....4\054distributor_id:0\054campaign_id:\054sub_id:\054utm_medium:\054utm_content:\054ad_id:\054date:2024_05_16_01_32_27"
.heraldweekly.com/	1970-01-20 20:37:03	Name: lotame_domain_check Value: heraldweekly.com
.cgstatic.info/	1970-01-21 05:22:39	Name: cmgcrossdomainid Value: a31adb62-9893-0a87-3747-4dabdaef7f91
.cgstatic.info/	1970-01-21 05:22:39	Name: cmghstck Value: W7CK10bV66PDuBNMfuwO2HvS/PYBXXCKbc8ckP9Y/0GrrB8Q1ZTHB1gyGDuO0FKs
.www.heraldweekly.com/	1970-01-21 05:22:39	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+May+16+2024+03%3A32%3A27+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=72f643d8-1dc7-4986-8108-1c50267691b9&interactionCount=0&landingPath=https%3A%2F%2Fwww.heraldweekly.com%2Fcelebs-and-their-awesome-transformations%2F2%3Fxcmg%3D1&groups=C0001%3A1%2CC0002%3A1%2CC0004%3A1%2CC0003%3A1%2CV2STACK42%3A0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.heraldweekly.com/celebs-and-their-awesome-transformations/2?xcmg=1 Message: The resource https://www.heraldweekly.com/wp-content/themes/cortado/fonts/icomoon.woff2?abid=v1@www&v=359ec393f40074c58cf3871647be0399 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
api-stagingtwo.cgstatic.info
bcp.crwdcntrl.net
bundle.heraldweekly.com
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cmgl.heraldweekly.com
config.aps.amazon-adsystem.com
cookie-cdn.cookiepro.com
d3div1mtym39ic.cloudfront.net
geolocation.onetrust.com
id.hadron.ad.gt
rt.ad-score.com
secure.cdn.fastclick.net
tags.crwdcntrl.net
user.cortexmg.com
www.heraldweekly.com
108.138.6.136
18.245.31.65
184.30.211.26
2600:1f18:c3a:ef50:401:8f22:e439:5ef7
2600:9000:2240:4e00:2:3f6e:e9c0:93a1
2600:9000:236e:5400:11:1ed0:3900:93a1
2600:9000:275d:8200:2:900c:c500:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:20::681a:2f5
2606:4700:4400::ac40:936c
2606:4700:4400::ac40:9b77
34.250.10.111
35.208.216.174
65.9.66.68
05fb4ada94f6bb3475806bd6a7ea4645a3d6175ec872adc723176120caf755f9
069598748371e0a1a52a4d202d363862f5b7bf0e52e7b99f1961fb54acd1fa3c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
1ad0b9c797b1c2281a5bf52a6950b2f519449903f608391f1ba0e01c7d224938
24934774200c98f32ee7a12d7c7a2cafd23f5f6151e280815318a11eecc35265
26ce1c7639b4965355fe11b620d10e2dbcc2f100a5f05a802a78e554bf02dc36
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
2e6a950ac4f738dc0282dbb7fcc2f4d30e02e2f158273a966cf18da9673b7ff7
3e0a8f8a22e2359d26e9aefd148a5d8b8235a926bd72632b36c56f789dbfa1f9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
5e5c20a78adb09d24019bec7ff5c441b9f0a55123aacb2981006237ae7ea8da2
6531e8bcbcc5d2a2acda7a1c7c344fd53df4e965c17429193f9689e5413e7dcd
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6aef90e7d69b5e2f11d1d6ece7603f9fe55d28db0c38c8c66c4e647150b0fdc9
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
77b028208aba379efe84c19275809b9c2c7d4c53845af608b013985b176ebfbb
784bf12a8eba0f1cca6500e25bdcc6b0bbc13a0c07fec8113822f56b36cd8fc0
7b0be6d18e238dc3e35530df2042ffd46acce39d3336efe2b318b9a02e6111e5
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
8a5eb0a23bb6e5a6b664cdcfcab1964cce731413a2ee52d4782e4c6b2f8b79f3
8bc55d1c9293ff6d31191015985586464a46d97732b7013bc1e082abc4c7afcc
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
933529218bbda269d977960ac90393a2b876667efc295dd939af6ecf0e942de2
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
987c4f96c3464eb5d2666ee8634df311145d7e5028560c7f28b6a7c0da6094a6
a0cf3ca5886b5dcfceb139f557b4b539b41528acce60f974a36a56f584e86f6c
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
ace2d4983b59e75e59769e8b1a19ae3bc8e1353309ce02db7d148c831ff9d54b
ad6c101ff73464e2477aaaf218fbd1990ae2fae33fce6ba1cacdc0714239817f
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
b2ab7bf1d5cfb6a51556c68ddccd82dc79c89db06826245ede28a4222d94f77d
b7d37117c0d1def0732213cb1209a9d5120eaaa7f39ef1b60dad325b15db70d7
c7f3f9fb67f62ddc5d6eb45164ba0f08cdaf43a8208d3e604e61d4679a2cce13
cea6b2e3afe61e526c5d722de9324ad9a6dde0f6d59d0b241c04da3ae156c505
cfb6675f2c94f1c979daa4c42467c44555018423b516ae7dbd013fdf18020e8b
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
de8de4dbf1d9ce2c3187501cd37c3a78f77abd44f8206eab3e60590820ac5649
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c26c91b451af9063bf5a68a3167595ef2c18e472468f7d5a2a5c3fa9ed69be
e4414dd59ff7a194c921fd75f060c53f3e2eba6d5a111519bb8589c51ff66dc6
e8e86d0a632a480bc0664477ce022a897b6073f9fbb632585cc32cb16ff071ac
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d
f78bafa10bd58376e2b2f225c024454183dba2b2d9fe62645e21436a89432c0a
f7a4433b13c8343bcdd960799292dbf550667e323682ed710f44b7a81cdbce09
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

www.heraldweekly.com Open in urlscan Pro 2600:9000:275d:8200:2:900c:c500:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

63 %IPv6

13 Domains

18 Subdomains

17 IPs

3 Countries

973 kBTransfer

2954 kBSize

10 Cookies

7 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldweekly.com Open in urlscan Pro
2600:9000:275d:8200:2:900c:c500:93a1 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

973 kB
Transfer

2954 kB
Size

10
Cookies

53 HTTP transactions
1 data transactions