URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Submission: On September 15 via manual from US — Scanned from DE

Summary

This website contacted 74 IPs in 8 countries across 53 domains to perform 309 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.telegraphherald.com. The Cisco Umbrella rank of the primary domain is 866413.
TLS certificate: Issued by GTS CA 1P5 on August 3rd 2023. Valid for: 3 months.
This is the only time www.telegraphherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 192.104.183.109 10668 (LEE-ASN)
11 2606:4700::68... 13335 (CLOUDFLAR...)
54 104.16.133.24 13335 (CLOUDFLAR...)
8 108.156.2.60 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.22 16509 (AMAZON-02)
3 184.175.83.79 7393 (CYBERCON)
4 54.197.229.45 14618 (AMAZON-AES)
1 6 108.138.17.85 16509 (AMAZON-02)
18 151.139.128.10 20446 (STACKPATH...)
9 2a00:1450:400... 15169 (GOOGLE)
6 13.224.192.181 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:20e... 16509 (AMAZON-02)
2 99.86.4.30 16509 (AMAZON-02)
8 116.202.150.116 24940 (HETZNER-AS)
1 3.65.104.49 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.239.18.118 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.64.152.89 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
4 99.86.8.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.19.138.117 16276 (OVH)
1 18.203.57.57 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.64 16276 (OVH)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.32.184.192 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.64.149.180 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
11 13.226.175.128 16509 (AMAZON-02)
8 44.210.28.246 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
8 34.241.108.134 16509 (AMAZON-02)
1 3.216.232.229 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.223.40.198 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.11 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.77.32.87 16625 (AKAMAI-AS)
1 162.55.144.217 24940 (HETZNER-AS)
2 46.228.174.115 56396 (AMOBEE)
1 69.173.144.137 26667 (RUBICONPR...)
1 13.32.121.35 16509 (AMAZON-02)
1 37.252.171.85 29990 (ASN-APPNEX)
1 172.64.148.101 13335 (CLOUDFLAR...)
1 52.58.45.126 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 13.32.119.77 16509 (AMAZON-02)
1 35.160.35.184 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 13.32.121.21 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
309 74
Apex Domain
Subdomains
Transfer
54 townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 17305
377 KB
26 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8030
trends.revcontent.com — Cisco Umbrella Rank: 2550
img.revcontent.com — Cisco Umbrella Rank: 13098
cdn.revcontent.com — Cisco Umbrella Rank: 9388
images.revcontent.com — Cisco Umbrella Rank: 9446
yeet.revcontent.com — Cisco Umbrella Rank: 9031
285 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
312 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
216 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 14127
embedcdn.sendtonews.com — Cisco Umbrella Rank: 15353
s2l.sendtonews.com — Cisco Umbrella Rank: 14150
player.sendtonews.com — Cisco Umbrella Rank: 14961
367 KB
14 telegraphherald.com
www.telegraphherald.com — Cisco Umbrella Rank: 866413
198 KB
11 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 337
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 675
aax.amazon-adsystem.com — Cisco Umbrella Rank: 418
134 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 388
184 KB
9 google.com
ampcid.google.com — Cisco Umbrella Rank: 2819
region1.analytics.google.com — Cisco Umbrella Rank: 2787
www.google.com — Cisco Umbrella Rank: 2
2 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
671 KB
8 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8334
4 KB
8 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2408
234 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
imasdk.googleapis.com — Cisco Umbrella Rank: 501
358 KB
6 gstatic.com
fonts.gstatic.com
csi.gstatic.com
209 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
42 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
284 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 669
token.rubiconproject.com — Cisco Umbrella Rank: 657
12 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1907
34 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 427
62 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10520
compassdata.mrf.io — Cisco Umbrella Rank: 60349
50 KB
4 secondstreetapp.com
embed.secondstreetapp.com — Cisco Umbrella Rank: 55897
api.secondstreetapp.com — Cisco Umbrella Rank: 49622
107 KB
3 google.de
ampcid.google.de — Cisco Umbrella Rank: 71967
www.google.de — Cisco Umbrella Rank: 5677
889 B
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4447
buttons-config.sharethis.com — Cisco Umbrella Rank: 5278
l.sharethis.com — Cisco Umbrella Rank: 4833
47 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 939
171 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 248
25 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 81
67 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 568
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553
67 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 117
263 B
2 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1107
lexicon.33across.com Failed
16 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 946
bcp.crwdcntrl.net — Cisco Umbrella Rank: 963
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
187 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
539 B
2 accessdubuque.com
www.accessdubuque.com
12 KB
1 thonline.com
archive.thonline.com
12 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
300 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1265
180 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 639
549 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 550
558 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 268
710 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4047
525 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1246
17 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 331
17 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
396 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1143
357 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5704
173 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 749
12 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1086
410 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
1 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1583
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1597
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 660
14 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1593
3 KB
309 53
Domain Requested by
54 bloximages.newyork1.vip.townnews.com www.telegraphherald.com
15 tpc.googlesyndication.com tagan.adlightning.com
14 securepubads.g.doubleclick.net www.telegraphherald.com
tagan.adlightning.com
securepubads.g.doubleclick.net
14 www.telegraphherald.com www.telegraphherald.com
bloximages.newyork1.vip.townnews.com
12 images.revcontent.com
11 d29xw9s9x32j3w.cloudfront.net www.telegraphherald.com
embed.sendtonews.com
11 cdn.cookielaw.org www.telegraphherald.com
cdn.cookielaw.org
tagan.adlightning.com
9 www.googletagmanager.com www.telegraphherald.com
www.googletagmanager.com
www.google-analytics.com
8 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tagan.adlightning.com
8 s2l.sendtonews.com embed.sendtonews.com
8 events.newsroom.bi sdk.mrf.io
8 tagan.adlightning.com www.telegraphherald.com
tagan.adlightning.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 c.amazon-adsystem.com www.telegraphherald.com
c.amazon-adsystem.com
embed.sendtonews.com
5 www.googletagservices.com tagan.adlightning.com
5 www.google.com tagan.adlightning.com
5 fonts.googleapis.com embed.sendtonews.com
embed.secondstreetapp.com
client
tagan.adlightning.com
5 embed.sendtonews.com 1 redirects www.telegraphherald.com
embed.sendtonews.com
4 yeet.revcontent.com assets.revcontent.com
4 trends.revcontent.com assets.revcontent.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.segment.com www.telegraphherald.com
cdn.segment.com
tagan.adlightning.com
4 assets.revcontent.com www.telegraphherald.com
tagan.adlightning.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 region1.analytics.google.com www.googletagmanager.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 sdk.mrf.io www.telegraphherald.com
sdk.mrf.io
tagan.adlightning.com
2 eus.rubiconproject.com embed.sendtonews.com
eus.rubiconproject.com
2 csi.gstatic.com imasdk.googleapis.com
2 targeting.unrulymedia.com embed.sendtonews.com
2 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
2 imasdk.googleapis.com tagan.adlightning.com
2 cdnjs.cloudflare.com tagan.adlightning.com
embed.sendtonews.com
2 www.youtube.com tagan.adlightning.com
www.youtube.com
2 www.google.de www.telegraphherald.com
2 id5-sync.com cdn.id5-sync.com
2 api.secondstreetapp.com tagan.adlightning.com
2 www.facebook.com www.telegraphherald.com
2 cdn-ima.33across.com tagan.adlightning.com
www.telegraphherald.com
2 cdn.id5-sync.com tagan.adlightning.com
2 config.aps.amazon-adsystem.com tagan.adlightning.com
c.amazon-adsystem.com
2 connect.facebook.net www.telegraphherald.com
connect.facebook.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 embed.secondstreetapp.com www.telegraphherald.com
tagan.adlightning.com
2 www.accessdubuque.com www.telegraphherald.com
1 token.rubiconproject.com eus.rubiconproject.com
1 archive.thonline.com www.telegraphherald.com
1 sb.scorecardresearch.com www.telegraphherald.com
1 49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.revcontent.com
1 api.segment.io cdn.segment.com
1 img.revcontent.com
1 hbopenbid.pubmatic.com embed.sendtonews.com
1 tlx.3lift.com embed.sendtonews.com
1 htlb.casalemedia.com embed.sendtonews.com
1 ib.adnxs.com embed.sendtonews.com
1 hb.undertone.com embed.sendtonews.com
1 prebid-server.rubiconproject.com embed.sendtonews.com
1 compassdata.mrf.io sdk.mrf.io
1 secure.cdn.fastclick.net www.telegraphherald.com
1 player.sendtonews.com embed.sendtonews.com
1 s0.2mdn.net imasdk.googleapis.com
1 match.adsrvr.org js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 js-sec.indexww.com tagan.adlightning.com
1 ads.pubmatic.com tagan.adlightning.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 tags.crwdcntrl.net tagan.adlightning.com
1 invstatic101.creativecdn.com tagan.adlightning.com
1 oa.openxcdn.net tagan.adlightning.com
1 static.criteo.net tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 embedcdn.sendtonews.com www.telegraphherald.com
1 platform-api.sharethis.com www.telegraphherald.com
0 lexicon.33across.com Failed cdn-ima.33across.com
309 82
Subject Issuer Validity Valid
telegraphherald.com
GTS CA 1P5
2023-08-03 -
2023-11-01
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1
2023-03-13 -
2024-04-12
a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-07-08 -
2024-08-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
accessdubuque.com
ZeroSSL RSA Domain Secure Site CA
2023-09-04 -
2023-12-03
3 months crt.sh
*.secondstreetapp.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-19 -
2024-07-21
a year crt.sh
assets.revcontent.com
R3
2023-09-08 -
2023-12-07
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-28 -
2024-02-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-25 -
2023-09-23
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3
2023-08-30 -
2023-11-28
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-08-10 -
2023-11-08
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-07-27 -
2023-10-25
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-08-26 -
2023-11-24
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-06 -
2023-09-30
a year crt.sh
*.segment.com
Amazon RSA 2048 M01
2023-02-24 -
2024-01-12
a year crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sendtonews.com
Amazon RSA 2048 M02
2022-11-21 -
2023-12-20
a year crt.sh
*.google.de
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
www.google.de
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-16
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
securedvisit.com
Amazon RSA 2048 M03
2023-08-16 -
2024-09-13
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3
2023-08-31 -
2023-11-29
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.undertone.com
Amazon RSA 2048 M02
2023-08-03 -
2024-08-30
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
img.revcontent.com
R3
2023-09-09 -
2023-12-08
3 months crt.sh
*.segment.io
Amazon RSA 2048 M01
2023-02-10 -
2024-02-10
a year crt.sh
cdn.revcontent.com
R3
2023-09-05 -
2023-12-04
3 months crt.sh
images.revcontent.com
R3
2023-09-02 -
2023-12-01
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
archive.thonline.com
ZeroSSL RSA Domain Secure Site CA
2023-09-04 -
2023-12-03
3 months crt.sh

This page contains 16 frames:

Primary Page: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Frame ID: 116875896FAF5AFDA7A2A60CDC0E520B
Requests: 229 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: AA4104085C371265909CF7FA4087F42D
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4EF7404F67F91043334EF98CE61AE305
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 1526C7E84376BE7BCD33689BBDB8340B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 174A0C32CA971F170FC433720A41FA09
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9FB7D0CE98EE8776C0AC4AAEA36FC5B5
Requests: 1 HTTP requests in this frame

Frame: https://49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2F99108EB9C3B2E85262BBA4E1CAE5E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAA37F22305242BCE66D7BE1E05A6AB2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1C09480BE5A9D47F57E637C49707290
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 1A4DE3251A512C4DAB2015ADC7034A29
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: B982B12E7C0D4A7524A48FF0C98B0A02
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 745487D849DF7B6200E0D4743558B93E
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 2F3F06D9AF51DD71D9D9D3CD0B48E7A8
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 37A31C2761D79B871D5A2EB6A297C165
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 93B96EA28087A4394DC7043CF0C5A76F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Frame ID: 444248C7110206BE9F5C698A9A720038
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Public comment sought for draft of environmental assessment of Cardinal-Hickory Creek line | Tri-state News | telegraphherald.comBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

309
Requests

99 %
HTTPS

41 %
IPv6

53
Domains

82
Subdomains

74
IPs

8
Countries

6451 kB
Transfer

15428 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403 HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js

309 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
www.telegraphherald.com/news/tri-state/
583 KB
141 KB
Document
General
Full URL
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
3494d17a7eddcc1f2157db72d2b64d0255b3b1a4e83314207fb34f4f2edf9ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42
cache-control
public, max-age=300
content-encoding
gzip
content-length
142443
content-type
text/html; charset=UTF-8
date
Fri, 15 Sep 2023 16:48:24 GMT
etag
W/a0ed64bf25ae8f65a9e6600752db57a1
last-modified
Wed, 13 Sep 2023 06:00:00 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.71.0; app5; 0.36s; 6.7M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7EncTFplbWDUpOxlbB9/Qg==
age
82897
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6836
x-ms-lease-status
unlocked
last-modified
Tue, 12 Sep 2023 06:30:39 GMT
server
cloudflare
etag
0x8DBB359C864B571
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84b29714-201e-0007-16b2-e555e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c6edc0318e6-FRA
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/
98 KB
34 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
624098
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f5e2c7e-FRA
expires
Thu, 25 Jul 2024 08:30:46 GMT
user.js
www.telegraphherald.com/shared-content/art/tncms/user/
3 KB
2 KB
Script
General
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:44:19 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 15:06:26 GMT
x-vcache
HIT
age
286
etag
W/"64f9e6f2-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/
39 KB
11 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
6205242
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f692c7e-FRA
expires
Wed, 27 Mar 2024 10:56:11 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
32 KB
12 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
4765357
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:39:17 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137065-8154"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f5a2c7e-FRA
expires
Thu, 21 Mar 2024 07:31:20 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
11 KB
4 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
2629013
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Aug 2023 18:23:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64d52b28-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff382c7e-FRA
expires
Wed, 14 Aug 2024 19:01:20 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
566785
cross-origin-resource-policy
cross-origin
last-modified
Fri, 23 Jun 2023 18:40:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6495e71c-10fa"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f5b2c7e-FRA
expires
Sat, 22 Jun 2024 19:01:48 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
2 KB
969 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
624098
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23c-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f682c7e-FRA
expires
Thu, 25 Jul 2024 10:14:23 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/
107 KB
18 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
588444
cross-origin-resource-policy
cross-origin
last-modified
Thu, 11 May 2023 20:00:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"645d495c-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff2d2c7e-FRA
expires
Wed, 15 May 2024 15:01:11 GMT
layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/
154 KB
28 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.c16df073a4f45c16eb2b8a91ceb7b785.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1244025
cross-origin-resource-policy
cross-origin
last-modified
Wed, 26 Jul 2023 20:07:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64c17cf0-26681"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff2e2c7e-FRA
expires
Wed, 31 Jul 2024 19:01:29 GMT
theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/
41 KB
8 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
566785
cross-origin-resource-policy
cross-origin
last-modified
Thu, 15 Jun 2023 22:05:00 GMT
x-vcache
MISS
server
cloudflare
etag
W/"648b8b0c-a506"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff372c7e-FRA
expires
Wed, 19 Jun 2024 19:01:35 GMT
tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/
21 KB
4 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:16:02 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa12-5327"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff302c7e-FRA
expires
Wed, 07 Aug 2024 19:01:29 GMT
datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/
31 KB
3 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
180059
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:40:15 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6413709f-7b02"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff332c7e-FRA
expires
Thu, 21 Mar 2024 07:34:33 GMT
flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/
960 B
521 B
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
602093
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:40:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137098-3c0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff322c7e-FRA
expires
Thu, 21 Mar 2024 06:59:11 GMT
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/
1 KB
778 B
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
180059
cross-origin-resource-policy
cross-origin
last-modified
Fri, 21 Apr 2023 12:44:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6442852c-4a6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6eff312c7e-FRA
expires
Fri, 10 May 2024 02:43:59 GMT
access.js
www.telegraphherald.com/shared-content/art/tncms/api/
87 KB
35 KB
Script
General
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:44:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 14:49:50 GMT
x-vcache
HIT
age
293
etag
W/"64f8918e-15cd7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
35387
service-worker-allowed
/
bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
26 KB
8 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Thu, 23 Feb 2023 14:47:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63f77c7a-6931"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f642c7e-FRA
expires
Mon, 26 Feb 2024 07:53:36 GMT
jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194726
cross-origin-resource-policy
cross-origin
last-modified
Wed, 24 May 2023 17:14:47 GMT
x-vcache
MISS
server
cloudflare
etag
W/"646e4607-c0b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f632c7e-FRA
expires
Sat, 25 May 2024 08:06:02 GMT
tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
10 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194726
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:15:58 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa0e-2638"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f662c7e-FRA
expires
Wed, 07 Aug 2024 19:01:29 GMT
tnt.access.status.828de94349981272665c0fb0107f3e49.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
925 B
420 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
232550
cross-origin-resource-policy
cross-origin
last-modified
Fri, 19 May 2023 18:36:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6467c1ba-39d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f5f2c7e-FRA
expires
Thu, 23 May 2024 11:08:54 GMT
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/
533 B
465 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
157217
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23c-215"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa1f2c7e-FRA
expires
Thu, 25 Jul 2024 10:08:09 GMT
sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
1 KB
782 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
306018
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Feb 2023 20:57:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63ee98d2-5bb"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa222c7e-FRA
expires
Thu, 22 Feb 2024 12:05:29 GMT
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
2 KB
843 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
731458
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Mar 2023 16:33:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64246871-6d3"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa232c7e-FRA
expires
Tue, 02 Apr 2024 18:17:29 GMT
op.js
tagan.adlightning.com/townnews/
48 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/op.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
XA6dViIncsajw.9xT0BwO90kJFc7NvVx
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 16:07:02 GMT
x-amz-cf-pop
MXP63-P4
age
2532
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19170
x-amz-meta-git_commit
e09f10f
last-modified
Wed, 13 Sep 2023 15:33:43 GMT
server
AmazonS3
etag
"f6b54ac76ca5c2f94afd76e0d00f9e5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JvNpnJwlBiYpuWPdx9dDjocSEY5TGfiKOknzimVXDYU8sXZhkppu3Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d7b31298b1677591809a6dd1fc186edf3ea2215e5a715b50fb7a31017dba949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29352
x-xss-protection
0
server
cafe
etag
760 / 19615 / m202309120101 / config-hash: 4208450176701668025
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:06 GMT
tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Apr 2023 14:41:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"643814a3-1151"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa242c7e-FRA
expires
Wed, 17 Apr 2024 20:53:25 GMT
tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 15 Jun 2023 22:04:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"648b8ad6-d35"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa252c7e-FRA
expires
Wed, 19 Jun 2024 19:01:35 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
207 B
277 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
4765357
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23e-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c6f1f622c7e-FRA
expires
Thu, 18 Jul 2024 20:42:52 GMT
tracking.js
www.telegraphherald.com/shared-content/art/tncms/
3 KB
1 KB
Script
General
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:47:09 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 15:06:26 GMT
x-vcache
HIT
age
116
etag
W/"64f9e6f2-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
39805
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80725c70df0c18e6-FRA
fontawesome.b2419fcc3201a1f4e3293248c643da08.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
268 KB
97 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.b2419fcc3201a1f4e3293248c643da08.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
591662
cross-origin-resource-policy
cross-origin
last-modified
Thu, 15 Jun 2023 22:03:56 GMT
x-vcache
MISS
server
cloudflare
etag
W/"648b8acc-430b9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa262c7e-FRA
expires
Wed, 19 Jun 2024 19:01:35 GMT
sharethis.js
platform-api.sharethis.com/js/
203 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:39:07 GMT
content-encoding
gzip
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
599
etag
W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
RTtYXOg96FsrClG2FGNjViyrkffu-Lhlg4VV0CnXdil1CQw-UBPY-Q==
tracker.js
www.telegraphherald.com/shared-content/art/stats/common/
9 KB
3 KB
Script
General
Full URL
https://www.telegraphherald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:44:12 GMT
content-encoding
gzip
last-modified
Wed, 22 Mar 2023 14:02:33 GMT
x-vcache
HIT
age
293
etag
W/"641b0a79-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
f4444c72-43dc-11eb-b69b-e72b84364643.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/
17 KB
18 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/f4444c72-43dc-11eb-b69b-e72b84364643.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=37309
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="f4444c72-43dc-11eb-b69b-e72b84364643.webp"
content-length
17692
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Dec 2020 22:36:23 GMT
server
cloudflare
x-vcache
MISS
etag
"5fe12367-91bd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa272c7e-FRA
expires
Thu, 05 Sep 2024 19:25:38 GMT
9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/
4 KB
4 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
507810
cf-polished
qual=85, origFmt=jpeg, origSize=4605
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="9139213c-5b44-11eb-9746-8b8866e9f2ff.webp"
content-length
3756
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Jan 2021 17:26:01 GMT
server
cloudflare
x-vcache
MISS
etag
"600867a9-11fd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa292c7e-FRA
expires
Thu, 15 Aug 2024 17:59:21 GMT
84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/
8 KB
9 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg?resize=750%2C63
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=10687
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="84062fc8-a3fe-11ed-9545-938ccd782e2c.webp"
content-length
8512
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Feb 2023 20:08:25 GMT
server
cloudflare
x-vcache
MISS
etag
"a076aaa44296e3449d9be9ce9c5169e2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa2a2c7e-FRA
expires
Fri, 26 Jul 2024 06:26:15 GMT
cancellations-js-data.cfm
www.accessdubuque.com/TownNews/data/
136 B
393 B
Script
General
Full URL
https://www.accessdubuque.com/TownNews/data/cancellations-js-data.cfm
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
cf.thmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:06 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
179
Vary
Accept-Encoding
Content-Type
text/html;charset=UTF-8
turpin-logo-clean-200x51.png
www.accessdubuque.com/
11 KB
11 KB
Image
General
Full URL
https://www.accessdubuque.com/turpin-logo-clean-200x51.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
cf.thmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:06 GMT
Last-Modified
Fri, 21 Jan 2022 21:47:32 GMT
Server
Microsoft-IIS/10.0
ETag
"4d5aaf7e10fd81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11462
60f1e118a9d82.image.png
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/
7 KB
7 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/60f1e118a9d82.image.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
587489
cf-polished
origFmt=png, origSize=12536
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="60f1e118a9d82.webp"
content-length
6884
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jul 2021 19:42:16 GMT
server
cloudflare
x-vcache
MISS
etag
"60f1e118-30f8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa2b2c7e-FRA
expires
Fri, 06 Sep 2024 05:38:27 GMT
optin.js
embed.secondstreetapp.com/Scripts/dist/
177 KB
52 KB
Script
General
Full URL
https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 15:34:46 GMT
Server
Microsoft-IIS/10.0
ETag
"02f227ec5e4d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
106
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
52552
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/
Redirect Chain
  • https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403
  • https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Server
108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:48:47 GMT
x-amz-version-id
R.2AvLLqDMEiBlSkHE87hNbIdl1IN7Po
content-encoding
br
last-modified
Tue, 12 Sep 2023 00:30:31 GMT
server
AmazonS3
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"5cc2c452879a57020145e8cdc91535cf"
age
20
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
2_iDDS95ILQW-k7e31cZbqWNQ_OoBCnlKEphPOWAsZoNrdbgXRK77w==

Redirect headers

date
Fri, 15 Sep 2023 16:49:06 GMT
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
y2dsTbahHxQzWHmX6pX-kXGXvYbydR0lfJXMZhMOVuagjbaDOhG1Og==
64528a8d95831.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/
17 KB
18 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/64528a8d95831.image.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1289830
cf-polished
qual=85, origFmt=jpeg, origSize=29480
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="64528a8d95831.webp"
content-length
17840
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 16:23:41 GMT
server
cloudflare
x-vcache
MISS
etag
"64528a8d-7328"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa2c2c7e-FRA
expires
Sat, 08 Jun 2024 17:41:20 GMT
delivery.js
assets.revcontent.com/master/
163 KB
52 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2023 18:58:37 GMT
server
AmazonS3
x-amz-request-id
YWDJFC07RCWWYXGA
etag
"a9aebf0b520fad8d9f454f7e1ed59efd"
x-amz-server-side-encryption
AES256
x-hw
1694796546.cds286.fr8.hn,1694796546.cds055.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
52533
x-amz-id-2
XZBxZQH2glWsNkpwYeNER40pm0+Mb38Sv3Zphhek6dsKDKILw0nPiEXp9Km3y8CkQbJ0WneoielISnOouItyrA==
2765012a-43ae-11eb-b69b-9b615e72b007.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/
10 KB
10 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/2765012a-43ae-11eb-b69b-9b615e72b007.jpg?resize=540%2C187
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=14995
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="2765012a-43ae-11eb-b69b-9b615e72b007.webp"
content-length
10340
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Dec 2020 17:01:22 GMT
server
cloudflare
x-vcache
MISS
etag
"5ba692d20d23ce7a861173f51ffd3891"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c70fa2d2c7e-FRA
expires
Fri, 13 Sep 2024 18:37:22 GMT
gtm.js
www.googletagmanager.com/
229 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
426113221b8ffe09c48f255a2be770815d1f6d4256ff677eff1c1de5009f0488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79028
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:06 GMT
62f59fd0-d7e3-438f-9ad5-b01d90539a49.json
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/62f59fd0-d7e3-438f-9ad5-b01d90539a49.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
38475
content-md5
rOfib6L6hvufFQlsTgH36Q==
content-length
1707
x-ms-lease-status
unlocked
last-modified
Mon, 26 Sep 2022 04:01:06 GMT
server
cloudflare
etag
0x8DA9F73BCE27AFD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0eb5f026-e01e-0171-61e1-5aec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c6fd9e8694c-FRA
expires
Sat, 16 Sep 2023 16:49:06 GMT
tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
8 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101888
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:15:58 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa0e-1e2a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9da2c7e-FRA
expires
Wed, 07 Aug 2024 19:01:29 GMT
tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
2 KB
880 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
326617
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:39:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137058-832"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9dd2c7e-FRA
expires
Wed, 27 Mar 2024 12:51:14 GMT
tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Aug 2023 18:23:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64d52b28-a12"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9de2c7e-FRA
expires
Wed, 14 Aug 2024 19:01:34 GMT
tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
27 KB
7 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Aug 2023 18:23:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64d52b28-6c5a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e02c7e-FRA
expires
Wed, 14 Aug 2024 19:01:34 GMT
tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
12 KB
4 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:15:58 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa0e-2e05"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e32c7e-FRA
expires
Wed, 07 Aug 2024 19:01:42 GMT
jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
20 KB
7 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
326616
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Mar 2023 16:34:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64246880-512b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e42c7e-FRA
expires
Wed, 03 Apr 2024 07:50:54 GMT
additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
15 KB
4 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
326616
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23c-3ab0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e52c7e-FRA
expires
Thu, 25 Jul 2024 10:14:23 GMT
jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
7 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221109
cross-origin-resource-policy
cross-origin
last-modified
Thu, 11 May 2023 04:31:44 GMT
x-vcache
MISS
server
cloudflare
etag
W/"645c6fb0-1ce5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e72c7e-FRA
expires
Wed, 19 Jun 2024 19:01:35 GMT
tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
3 KB
773 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:15:58 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa0e-ce5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e82c7e-FRA
expires
Wed, 07 Aug 2024 19:01:29 GMT
tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
4 KB
946 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 04 Aug 2023 13:15:58 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64ccfa0e-f6a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9e92c7e-FRA
expires
Wed, 07 Aug 2024 19:01:29 GMT
tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
2 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Wed, 24 May 2023 17:14:29 GMT
x-vcache
MISS
server
cloudflare
etag
W/"646e45f5-9bc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70d9eb2c7e-FRA
expires
Thu, 23 May 2024 18:01:33 GMT
tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
2 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
326616
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:39:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137057-9cd"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa0e2c7e-FRA
expires
Thu, 21 Mar 2024 07:02:40 GMT
tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/
2 KB
715 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Mar 2023 16:34:01 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64246879-638"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa0f2c7e-FRA
expires
Tue, 02 Apr 2024 19:18:33 GMT
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
941 B
488 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:38:56 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137050-3ad"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa122c7e-FRA
expires
Thu, 21 Mar 2024 07:18:52 GMT
tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
13 KB
5 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
592080
cross-origin-resource-policy
cross-origin
last-modified
Tue, 22 Aug 2023 13:23:07 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64e4b6bb-34c5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa132c7e-FRA
expires
Wed, 28 Aug 2024 19:01:27 GMT
withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
2 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Fri, 23 Jun 2023 13:09:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64959993-9c5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa152c7e-FRA
expires
Sat, 22 Jun 2024 15:29:47 GMT
jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
1 KB
460 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Wed, 21 Jun 2023 20:55:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"649363d9-591"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa182c7e-FRA
expires
Sat, 22 Jun 2024 09:17:07 GMT
jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
976 B
546 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101888
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:39:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137064-3d0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa1a2c7e-FRA
expires
Thu, 21 Mar 2024 07:18:52 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
4 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101889
cross-origin-resource-policy
cross-origin
last-modified
Tue, 22 Aug 2023 13:23:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64e4b6b9-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa1c2c7e-FRA
expires
Tue, 10 Sep 2024 12:42:49 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
194725
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 Mar 2023 19:38:57 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64137051-1015"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c70fa1d2c7e-FRA
expires
Wed, 27 Mar 2024 10:56:12 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ucjdzvmf9N4miduIa6ENvLDFnb84IgAoLK-i8yhUbmwLAKBIYsNQkw==
bl-ef0aa10-eb644f7f.js
tagan.adlightning.com/townnews/
73 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/bl-ef0aa10-eb644f7f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
URKQx7fx6_jf5ilRKQVENDhziRpFv7ub
x-amz-cf-pop
MXP63-P4
age
177087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30654
x-amz-meta-git_commit
ef0aa10
last-modified
Wed, 13 Sep 2023 15:33:03 GMT
server
AmazonS3
etag
"cf5585934ccd581e98fb184e006c7b11"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3VV76RnK9pbLFStCe2GNQAVH2sqvsqTG_xJpjcuUEUQY6PbP-ibo5w==
apstag.js
c.amazon-adsystem.com/aax2/
249 KB
61 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:59:34 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:03:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2973
x-amz-server-side-encryption
AES256
etag
W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Ttn5Y7-05OSB8vSya8Psd9k2dgLsbIlZ09I7kwG65hiZmtcF9y-cSg==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
80725c70f93235ff-FRA
access-control-allow-headers
Content-Type
gtm.js
www.googletagmanager.com/
121 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NN54BPG
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bf00649d48931a37df34de72bd5f3fdeb35dd731cb30b0083bf356ad6b01050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48034
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:06 GMT
gtm.js
www.googletagmanager.com/
218 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da779586ab94abb7d4cc76ee20bdee72681057173160798962835e2758746dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78962
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:06 GMT
marfeel-sdk.js
sdk.mrf.io/statics/
125 KB
35 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time
3ms
date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 15 Sep 2023 07:54:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
9
accept-ranges
bytes
cf-ray
80725c712e034dc4-FRA
alt-svc
h3=":443"; ma=86400
content-length
35338
fbevents.js
connect.facebook.net/en_US/
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Sep 2023 16:49:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
Vx3m9FytFJg8t7diHHjRNweNDd47rz3KYWoCutLScpM3HWcNyiR92jFY9fstrj3DlVVaL+hwLQf/fA0pedC28g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracker.gif
www.telegraphherald.com/shared-content/art/stats/common/
0
145 B
Image
General
Full URL
https://www.telegraphherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1694796546688160012001350298553388&tnms_dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&tnms_upage=1&tnms_do=www.telegraphherald.com&tnms_uri=/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tnms_ref=&rt=1694796546692
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
68 B
235 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
80725c71bd98bb53-FRA
vary
Accept-Encoding
content-type
text/javascript
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202209.1.0/
376 KB
90 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
229oLfugqvtMNLM3e0uPaA==
age
45357
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91423
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:30 GMT
server
cloudflare
etag
0x8DAAB422B1E6529
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d360d5a-501e-00e4-32e1-5acbec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c71682418e6-FRA
5cd2f43a3f59c700126bad43.js
buttons-config.sharethis.com/js/
461 B
904 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5cd2f43a3f59c700126bad43.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
age
42
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
461
last-modified
Wed, 08 May 2019 19:40:11 GMT
server
AmazonS3
etag
"4d059be5eef50cc04a77381344839252"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
x-amz-cf-id
7egOn_42_g-xxCmerPguwjOMHHsWLvvnhyyHftZV5H_AiBkej5bwFQ==
e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
config.aps.amazon-adsystem.com/configs/
537 B
812 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:21:22 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1665
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
0h7OauUwo6QBF2FpVn3qFNUCgtNC0tVpwaLCTl4rrmZsIJopxvlpNw==
config
c.amazon-adsystem.com/cdn/prod/
598 B
959 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 14:12:10 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
9416
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
598
x-amz-cf-id
7slHmhTR782rCX6_rYuVuGzKNTOa3lfOArVcrbr9u_9GRWQs1Mhm2g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 05:33:42 GMT
x-amz-cf-pop
FRA2-C1
age
40526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6102XWKNsga2q_52b3oR8zDSOk07H1CYJaVGSAo4eQGVnM9siwG3PA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/
408 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
20747
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131633
x-xss-protection
0
server
cafe
etag
12671944107613252425
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 14 Sep 2024 11:03:20 GMT
1329857520488846
connect.facebook.net/signals/config/
489 KB
134 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1329857520488846?v=2.9.127&r=stable&domain=www.telegraphherald.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Sep 2023 16:49:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Nd00/A2Auv/sGYwSieVdVACkmar7JG4qUrWIDFfYZNvURJHx1tBfadnvr+2VMl0vYM6j1SBq71fEM1L3np2y8g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ingest.php
events.newsroom.bi/
50 B
859 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
compass-multimedia-sdk.js
sdk.mrf.io/statics/
6 KB
3 KB
Script
General
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=754
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
104
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Sep 2023 09:50:56 GMT
server
cloudflare
etag
W/"e6ad3179582ae74d56c8c6309f582ea6"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
80725c7338c84dc4-FRA
x-amz-cf-id
m0le4wzIXnGzw02RD-IhNgREvNjcU3EjnLXpuCa-mn3MPIy0U4j6Ug==
pview
l.sharethis.com/
0
410 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=Federal%20officials%20seek%20public%20comment%20on%20a%20draft%20of%20an%20environmental%20assessment%20for%20a%20controversial%20power%20transmission%20line%20that%20will%20span%20from%20Dubuque%20County%20to%20Dane%20County%2C%20Wis.&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.104.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-104-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.telegraphherald.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 15:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3564
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Sep 2023 17:49:43 GMT
gtm.js
www.googletagmanager.com/
178 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6509b47e7d2ae329dbfd211c5e0f6816b368cb30b00c8e93c502b32792d3f4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64822
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:07 GMT
gtm.js
www.googletagmanager.com/
215 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f6114de4e1f9c80ad04cc403b8472320d5604ac43816db5c1540a17101e93dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70235
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:07 GMT
en.json
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/
54 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1089
content-md5
7kDwGG0M5FVG2rnvsURDLg==
content-length
11585
x-ms-lease-status
unlocked
last-modified
Mon, 26 Sep 2022 04:01:12 GMT
server
cloudflare
etag
0x8DA9F73C02BF97B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5272b98b-001e-0030-21b8-a582cc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c739ee3694c-FRA
expires
Sat, 16 Sep 2023 16:49:07 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
138 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
5E7CQEKZSSWX59DS
age
877
etag
W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80725c75b9f84d4a-FRA
x-amz-id-2
v20g43EBNP/IOPwa4UqQhI/SgOgQ63rC+vmBWfrpIwvsQizyC18NYwY9OZp5IvFm1WmavmhbBHk=
gtm.js
www.googletagmanager.com/
182 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6edd42686ddddc5cc5a5ad6e45305a1e0cf72a0c3e1790d59091ffb26070259e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64410
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Sep 2023 16:49:07 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Fri, 15 Sep 2023 05:39:43 GMT
Via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
40165
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
wloSwjDnTIqIkydpa5lWl88eBogGinV1PxttfEO7aEOuBZs0bj9YXA==
esp.js
cdn.id5-sync.com/api/1.0/
139 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
VK2SRF16D02X5ZN2
age
1896
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80725c75b9fa4d4a-FRA
x-amz-id-2
W86YinNW2dsuZPfS+ZTkYpgh0FatBDvKhVeIE0/ciWbe7u4JzKj0+uiv//jSw9oMSxGGGz5knYw=
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Sep 2023 16:49:07 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:33:05 GMT
content-encoding
gzip
age
1804562
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 19:33:05 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
f56bb5853eec36671c02a8390fb5c342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-118.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 02:44:08 GMT
content-encoding
gzip
via
1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
50700
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
a8Pt8iOctONEOn1SiNVGqciMkvcHsH8GYTtYPcLXyZClEfS3fKEq4A==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29311
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dB7hlgpbUig09iu5ykPqn7V3Arl%2B2t9kBcGGQ9aQTxZGevZmRnWk5BGVuUIPI%2Bli8Q0Bj1c%2F8r6I8tyWvHgZyysADA6RhYvIStsaAvbzG%2BTjt0g294ePvJWzh1dzW6baIaDhDYftULnDRQmwUyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80725c75cdea30e4-FRA
ob.js
cdn-ima.33across.com/
40 KB
9 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
87272
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
80725c75bdf04522-TXL
expires
Mon, 18 Sep 2023 16:49:07 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1329857520488846&ev=PageView&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&rl=&if=false&ts=1694796547291&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694796547275.1033576860&cs_est=true&it=1694796547036&coo=false&rqm=GET
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Sep 2023 16:49:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/
105 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
bgcRC1HNK.5R9aS.uVrpg21.Xb0wYGHs
content-encoding
br
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 16:48:48 GMT
x-amz-cf-pop
FRA6-C1
age
20
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Sep 2023 18:58:34 GMT
server
AmazonS3
etag
W/"5924d8466ba0f8d645875cd19b686661"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
nGxDfJ50cegrno222twZIXsxGzPoeGjP4ts3e4bTudF1l-BGqL2XFQ==
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Nv59uF4L5Erbm99maFPLHA==
age
38474
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2612
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:22 GMT
server
cloudflare
etag
0x8DAAB42260C012D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bd2ca943-401e-0087-4609-e2aae6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c7508dd694c-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MrbBPvSp/nr/pc7Rs9pb+g==
age
38474
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14053
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:23 GMT
server
cloudflare
etag
0x8DAAB42272E5DAC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5df370d7-501e-007f-7ce2-e1f618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c7508df694c-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
chhUbr1lo8VfhnCyj4C/QQ==
age
38474
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:23 GMT
server
cloudflare
etag
0x8DAAB4226B08D84
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
802faa02-f01e-016e-58e1-5a379a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c7508e5694c-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6f5573a8-001e-00d5-7de1-5a903b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80725c7508e6694c-FRA
publisher:getClientId
ampcid.google.com/v1/
74 B
445 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
destination
www.googletagmanager.com/gtag/
253 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b856c515e96f86e2f9ff5418c119f5e5c00831ea28c60235115f25fd991edf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88609
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Sep 2023 16:49:07 GMT
764f46ed0012a3900512.js
sdk.mrf.io/statics/
45 KB
12 KB
Script
General
Full URL
https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MUC50-P1
age
1939
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Sep 2023 09:50:56 GMT
server
cloudflare
etag
W/"ef3afb0961b22b67b10ea1548e874ec0"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
80725c754fb1bbd3-FRA
x-amz-cf-id
kFvwSpov-O3Xgd8hrO__xsepF4nya2jnomiflK93AosAZa1VK8yNlA==
destination
www.googletagmanager.com/gtag/
283 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ca99099e62044f90c611cc0afe309e4c21df12345d7b15aeefc3c2230352b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95073
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Sep 2023 16:49:07 GMT
2466856
api.secondstreetapp.com/audience_signup_widgets/
3 KB
2 KB
Script
General
Full URL
https://api.secondstreetapp.com/audience_signup_widgets/2466856?callback=secondStreetOptinWidget_2466856
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:09 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
Age
55
X-Powered-By
ASP.NET
X-SS
107
Connection
Keep-Alive
Content-Length
1379
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-StackifyID
V2|d1365cec-3782-466e-b803-b1b36e610d1c|C69601|CD66
Cache-Control
public, max-age=600
Accept-Ranges
bytes
Expires
Fri, 15 Sep 2023 16:58:13 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.23.0-A/
667 KB
185 KB
Script
General
Full URL
https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:48:46 GMT
x-amz-version-id
fXuli0NAL7F_NHrM7ls.O6svOuu_MIo_
content-encoding
br
last-modified
Tue, 12 Sep 2023 00:30:30 GMT
server
AmazonS3
age
22
x-amz-cf-pop
FRA56-P7
etag
W/"9b84d321fff5c2136f52d2ca98b7456b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
yQi-dgSTRALMWoan81OLSMgMRvG3TWbRP7b2l4CzUvGcSrzWbab_Uw==
publisher:getClientId
ampcid.google.de/v1/
3 B
374 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
increment
id5-sync.com/api/esp/
0
332 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
/
www.telegraphherald.com/tncms/access/rules/
27 KB
4 KB
XHR
General
Full URL
https://www.telegraphherald.com/tncms/access/rules/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-TNCMS-Access-Version
2023-09-05 20:22:45
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 08:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30082
content-length
3549
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Sep 2023 08:27:45 GMT
x-vcache
HIT
etag
W/cfb60643afaea26fac4441565be53896
x-frame-options
SAMEORIGIN
vary
X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
x-tncms
1.71.0; app11; 0.23s; 2.2M
cache-control
public, max-age=86400
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
/
www.telegraphherald.com/tncms/search/recommend/
52 KB
4 KB
XHR
General
Full URL
https://www.telegraphherald.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=grant-county-wis%2Ccassville-wis
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
content-length
3791
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Sep 2023 16:48:25 GMT
x-vcache
HIT
etag
W/ab746f6b99620d64d7a6f91572bb0773
x-frame-options
SAMEORIGIN
vary
X-IPCountry, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app17; 0.23s; 3.3M
cache-control
public, max-age=600
accept-ranges
bytes
x-robots-tag
noarchive
map
bcp.crwdcntrl.net/6/
60 B
340 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.57.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-57-57.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5126ccf3097527765bf8adc3d53a9e9647b57684a495143e00832df6d12ed8b5

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache
x-server
10.45.23.70
access-control-allow-credentials
true
content-length
60
expires
0
collect
www.google-analytics.com/j/
3 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1329802374&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCACAAI~&jid=181945815&gjid=997523444&cid=288697255.1694796548&tid=UA-54716522-7&_gid=488461565.1694796548&_slc=1&gtm=45He39d0n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&cm1=358&z=1489847332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=288697255.1694796548&jid=181945815&gjid=997523444&_gid=488461565.1694796548&_u=YGBAgUABAAQCAGAAI~&z=1327555324
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
83 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1329802374&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAUABAAQCAGAAIAB~&jid=164116475&gjid=1142709741&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&_r=1&_slc=1&gtm=45He39d0n71PDQV3N&z=1079800914
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
410 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f3a66a18e4acc069bf082e67acf97c03aa3184dc0ce37977fad64fa37bf04ac0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
collect
region1.analytics.google.com/g/
0
260 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=1329802374&_gaz=1&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796547&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.canonical_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ep.content_type=article&ep.canonical_content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.content_group=%2Fnews&ep.townnews_crm_group_id=216&ep.generator=BLOX&ep.generator_version=1.71.0&ep.content_author_id=7c1716e6-b03f-11ec-b276-c312f26f2490&ep.content_author_eh=2ef1bfd93cef32b5a8ee3f22846ac721a2a5f2187b77c965c1e27e2dd4ad5bc2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=288697255.1694796548&gtm=45je39d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=288697255.1694796548&gtm=45je39d0&aip=1&z=652217545
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1KSYYTLTZT&gtm=45je39d0&_p=1329802374&_gaz=1&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796547&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.item_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.author=Telegraph%20Herald&ep.published_time=2023-09-13T06%3A00%3A00Z&ep.cms_product=BLOX&ep.cms_version=1.71.0&ep.content_group=%2Fnews&ep.content_type=article
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1KSYYTLTZT&cid=288697255.1694796548&gtm=45je39d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1KSYYTLTZT&cid=288697255.1694796548&gtm=45je39d0&aip=1&z=93699411
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
222 KB
67 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130639
accept-ranges
bytes
content-length
68444
expires
Sun, 17 Sep 2023 05:06:26 GMT
/
www.telegraphherald.com/tncms/search/mlt/
12 KB
4 KB
XHR
General
Full URL
https://www.telegraphherald.com/tncms/search/mlt/?origin=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
0c84c498773a7bf8886f05dfe5f414e4b53fbd8aa2c448f5e26a4b83befdb232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
content-length
3444
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Sep 2023 06:00:00 GMT
x-vcache
HIT
etag
W/66fd917e7bcba8de3634d4ba143f85a3
x-frame-options
SAMEORIGIN
vary
X-IPCountry, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app14; 0.05s; 3.1M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
recirculation.php
events.newsroom.bi/
12 B
724 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
telegraph-herald-horizontal-masthead.jpg
cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/
43 KB
43 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/telegraph-herald-horizontal-masthead.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9v2G71U22mhDtZ9aJ9vQDQ==
age
31417
content-length
43668
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 12 Aug 2022 19:22:29 GMT
server
cloudflare
etag
0x8DA7C97FF5221F9
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6fa687f4-d01e-00f5-2ff5-5afcf7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80725c780a2e18e6-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
38612
x-ms-lease-status
unlocked
last-modified
Thu, 14 Sep 2023 03:20:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
393cacc6-f01e-002b-0d56-e7b94f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80725c780a3118e6-FRA
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 15 Sep 2023 16:49:07 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/
33 KB
12 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 15 Sep 2023 16:45:35 GMT
server
cloudflare
age
9
etag
W/"9048a3-856b-6056885921f84"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
80725c78e9fe58f6-TXL
expires
Fri, 15 Sep 2023 20:49:08 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 16:44:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 16:49:08 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 16:49:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 16:49:08 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2065196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3982
last-modified
Thu, 22 Jun 2023 11:13:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942ce5-f8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDH0AjGP30ROexfCM%2Bw6CsiZjD0UTKCEp%2Bc9DWcSO3U65726EntE3RZgMyzdf8XGEyEvau3%2FdWPTitg40lfxEwGMqmSjEKq1eHAxgHWnVNBDvg3P3ydEJFfTOJpz9jyN1W45rM0xYZJJrP9QUzgM5AIs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80725c790fb79232-FRA
expires
Wed, 04 Sep 2024 16:49:08 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame AA41
53 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
21248621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BsIMgYoBA2G0zeyusEm25SUZwg5qLXPZca%2BHku8qmDheSpetUoZdYTMON1vUdV%2FqCqLXQRK2F%2FHXZiWt4rGrKAvRhvSTp07udLR5Pf7JdUZ412nmghUkOnIM21RBWfGPm7GGWWC%2BytfH%2BJxotDJ83E9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80725c790fb89232-FRA
expires
Wed, 04 Sep 2024 16:49:08 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.5.0/ Frame AA41
356 KB
113 KB
Script
General
Full URL
https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
uMY2CXxBwlQN5uztKTa9X5zGVYToi.n.
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 05:50:45 GMT
last-modified
Tue, 25 Jul 2023 22:19:16 GMT
server
AmazonS3
age
39503
x-amz-cf-pop
FRA56-P7
etag
W/"1d52ceae543e767ce76cb49d8c52ac94"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9jUFirdjIBPpO1KHq85LFJSroQo6Kk3MYIqh0ec5oIHtamtLNt-gyg==
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame AA41
335 KB
55 KB
Script
General
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
br
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 09:56:20 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
24768
x-amz-cf-pop
FRA56-P7
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KZpRHKDTmSW7_j_9t_OTooUj0IWg6p4Wj31_h9H6Z3dPZ_3lRRX_2g==
ima3.js
imasdk.googleapis.com/js/sdkloader/
357 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125468
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:08 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/
1 KB
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 10:48:57 GMT
via
1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C3
age
21611
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
FZIq8wbLfodKyQX6GjSN00vTd4hdO8kPuNSLuP-bdF5xLolYzIhALA==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/
322 B
655 B
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:04:05 GMT
via
1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C3
age
6304
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
P_XmlloGvXnP_KlIHQO_RBCVBm7i6Ja3ELmc0NgAQbDWglEthJNadg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/
832 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 20:37:01 GMT
via
1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C3
age
72728
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
G-izVfnel7KpVMfA1la86OrsbNHBkJpX59vjvjbzXuDgOxPFQ20Lhw==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/
773 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:15:48 GMT
via
1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C3
age
27201
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
wwEBlAf7WEFI3JdUM4HjQocj8rXg-dkjpgoIy71NmIDiZrjZpW5A_w==
apstag.js
c.amazon-adsystem.com/aax2/ Frame AA41
249 KB
61 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:59:34 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:03:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2974
x-amz-server-side-encryption
AES256
etag
W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6eM-e_02a8MM60LSVif1voY9qyDTbnfmJZ3bpJrk2y-IUxpSmUtl7g==
stn_trk.gif
s2l.sendtonews.com/
26 B
187 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=857196&version=7.23.0-A&age=230915&cmd=PRE_INIT&key=dtKKcuXb&seq=1&order=1&vIndex=0&absoluteTime=2084.2&relativeTime=0.3&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/
34 KB
6 KB
Fetch
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=OUuBIMfN8VCDtB3X&instance=857196&version=7.23.0-A&age=230915&ESG_key=dtKKcuXb&type=FULL&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-85.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
6b1e0c4d01987438c823ddada5028966cbb63bdbd65e1558304a9eb985c96136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
5707
x-amz-cf-id
pmFkR4TXQRAwUfztFifadakf98Wc7vWZFtmWYBUrwJ6-lXE1EwOssQ==
expires
Fri, 15 Sep 2023 16:49:09 GMT
js
www.googletagmanager.com/gtag/
287 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4bfbb6172286a6ab9314504a55dcd79217e35cc1c7319615a8995577af4c8a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96926
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Sep 2023 16:49:08 GMT
/
www.telegraphherald.com/tncms/access/user/
736 B
993 B
XHR
General
Full URL
https://www.telegraphherald.com/tncms/access/user/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-TNCMS-Access-User
anonymous
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
395
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
vary
X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
x-tncms
1.71.0; app18; 0.02s; 1M
cache-control
private, max-age=3600, must-revalidate
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
truncated
/
75 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
v2
id5-sync.com/gm/
276 B
844 B
XHR
General
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
685b6cce93fd4204c04645ec0077e93ba23660ebdb0cef27172ad9eee5664201
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
64f8e299a8a86.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/
11 KB
12 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/64f8e299a8a86.image.jpg?resize=200%2C305
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c57a5c8635e32219c8cffb12844c6b620b036730aa16a900e4d340ed7aa43cc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=11774
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="64f8e299a8a86.webp"
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Sep 2023 20:35:39 GMT
server
cloudflare
x-vcache
MISS
etag
"afc548d494d50bac9b637743539620d7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
80725c79be282c7e-FRA
expires
Sat, 14 Sep 2024 06:07:03 GMT
64f78a5fe1599.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/
7 KB
8 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/64f78a5fe1599.image.jpg?resize=200%2C217
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2d938226572319f1888ae1b0be2bad23d9dce1431180fcb5bf3f542fa4db56
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=7611, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7518
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Sep 2023 20:06:57 GMT
server
cloudflare
x-vcache
MISS
etag
"ff5ae13df472b50ca603155dafb36bd1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c79be2a2c7e-FRA
expires
Wed, 04 Sep 2024 23:45:53 GMT
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/
3 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
UnK3Jzx82VjmkmXiPXCq1ZNpqTk7dOLW
content-encoding
gzip
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 14:40:02 GMT
x-amz-cf-pop
FRA6-C1
age
7747
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 29 Aug 2023 20:45:09 GMT
server
AmazonS3
etag
W/"bce4f760852ffc7e53a6ecc84f0a6d9b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
gQWvF9EZjSqrTq860AA3H9-BrxOPiYj2NJY0LrSsY17YYQQmsaVagg==
/
www.facebook.com/tr/ Frame 4EF7
0
78 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.telegraphherald.com
Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.telegraphherald.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 16:49:08 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:18:21 GMT
x-content-type-options
nosniff
age
81047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18628
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:18:21 GMT
64f8e299a8a86.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/
3 KB
4 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/64f8e299a8a86.image.jpg?crop=332%2C189%2C0%2C159&resize=150%2C85&order=crop%2Cresize
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30047215b0ae630d9b377ce7ed9c1568233256fc6d7c3dcc729d0de52a445af0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=4133
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="64f8e299a8a86.webp"
content-length
3578
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Sep 2023 20:35:39 GMT
server
cloudflare
x-vcache
MISS
etag
"7d7e567bc435a7552aaca86ec91f11ee"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c7a4eda2c7e-FRA
expires
Sat, 14 Sep 2024 16:48:58 GMT
64f78a5fe1599.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/
4 KB
4 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/64f78a5fe1599.image.jpg?crop=999%2C564%2C0%2C259&resize=200%2C113&order=crop%2Cresize
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516aac25ecedde23191fb756dc1175e4d43ff19efa51f4fd474bce6e560bee59
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=4174
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="64f78a5fe1599.webp"
content-length
3698
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Sep 2023 20:06:57 GMT
server
cloudflare
x-vcache
MISS
etag
"30c96f1c0c495d7568847d22c6e098eb"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
80725c7a4edc2c7e-FRA
expires
Sat, 14 Sep 2024 02:00:33 GMT
/
www.telegraphherald.com/tncms/access/meter/
419 B
790 B
Fetch
General
Full URL
https://www.telegraphherald.com/tncms/access/meter/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
0e48f0d912bb3db0ba23630fc04fe4c07393b4efe3227b49dc1314a661b0287c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
259
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app18; 0.01s; 0.9M
cache-control
private, no-cache, no-store, max-age=0
vary
X-IPCountry, Accept-Encoding
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
css
fonts.googleapis.com/ Frame 1526
2 KB
542 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700
Requested by
Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 16:35:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 16:49:08 GMT
/
trends.revcontent.com/api/demand/
54 B
320 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=273646&us_privacy=1YYN
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
54
sync
trends.revcontent.com/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/sync?us_privacy=1YYN
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:08 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id
_H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding
br
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5757332
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jul 2023 00:08:20 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
_eIXmiQ4do4WcS4yzs5sSYMQvC-uJMMOe3e3Gw-TjCvRa76VUGCqiw==
www-widgetapi.js
www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/
209 KB
65 KB
Script
General
Full URL
https://www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65996
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 20:30:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Sep 2024 16:45:35 GMT
/
id.sv.rkdms.com/identity/
2 B
173 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.telegraphherald.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.232.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-232-229.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:08 GMT
access-control-allow-credentials
true
server
nginx/1.24.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/
44 B
357 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
63 B
396 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f6834d2fcad7f7350612d2ab661502632e8cec741537b94ee67812c7298ec675

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 15 Oct 2023 16:49:08 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AA41
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 05:33:42 GMT
x-amz-cf-pop
FRA2-C1
age
40527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ARUHNxolwWpkGOpNyhmf8prjV3PwNhdKM3so27Dwv38tcq0N_l-qjg==
bridge3.589.0_en.html
imasdk.googleapis.com/js/core/ Frame 174A
722 KB
232 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
120836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236935
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 07:15:12 GMT
expires
Fri, 13 Sep 2024 07:15:12 GMT
last-modified
Tue, 12 Sep 2023 02:58:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:49:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9FB7
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 15 Sep 2023 17:22:16 GMT
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame AA41
537 B
801 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:37:05 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
723
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
G1jvgLCkl1aw8e2_to6y8azYYckCnT2vy8JSc17NEzBopiTFtFTMuA==
config
c.amazon-adsystem.com/cdn/prod/ Frame AA41
1 KB
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:45:40 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
3807
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1110
x-amz-cf-id
xjrBWD009b1kPCYR2676YmYOEL02dNof-bHTiaHyUSF6TcKjOn4NVA==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=GET&key=dtKKcuXb&c_id=13403&seq=1&order=2&vIndex=0&absoluteTime=2572.7&relativeTime=488.8&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/
5 KB
2 KB
Script
General
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-11.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
UQ7kWi2taw0bordMiyKDP_I_ByXqD8Mm
content-encoding
br
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront), 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 03:43:36 GMT
x-amz-cf-pop
FRA56-P7, FRA2-C2
age
47137
x-cache
Hit from cloudfront
last-modified
Thu, 07 Sep 2023 23:03:22 GMT
server
AmazonS3
etag
W/"25b745fa0d93d47bf009a28d8bcdf8d6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
aoYxL-VqZIHWtGDlnJ2klo-OdbO1oVSpmnGmh8nbjz0xYKGRHzn7AA==
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:56:40 GMT
x-content-type-options
nosniff
age
283948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 09:56:40 GMT
cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/
28 KB
28 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:47 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42621
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
28378
last-modified
Fri, 15 Sep 2023 04:50:05 GMT
server
AmazonS3
etag
"1be2c645ae824059733921f72445310a"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
bIiI8bd5Aq4NO5ysg7-sHgrV9p21Md3FhPSlnogfvlegfJQUCz9bxw==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=RTP&key=dtKKcuXb&c_id=13403&seq=1&order=3&vIndex=0&absoluteTime=2595.7&relativeTime=511.8&sC_ID=4711&sm_id=3000503&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&DS=found
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/
291 B
871 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:47 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42622
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Fri, 15 Sep 2023 04:51:24 GMT
server
AmazonS3
etag
"7efdd61158e4e6c637db35b61a6eface"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
MzqIQe-T_mNkXzwV_KJ9LnogyFd5aHBe68xM_SKPyxvQt--rww1x5A==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=IMA&key=dtKKcuXb&c_id=13403&seq=1&order=4&vIndex=0&absoluteTime=2614.7&relativeTime=530.8&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&recoveryMethod=NONE&imaVersion=3.589.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/
2 KB
2 KB
Fetch
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C55274853%2Ftelegraphherald-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=3000503&us_privacy=1YYN&cust_params=sessionKey%3D214857196-OUuBIMfN8VCDtB3X%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dsmall%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D2%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3D1YYN%26keywchk%3Dok
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8df152316fe36d7897ebcd8b3e5d7930811c1907a80342cab545bb68bd023923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1024
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ospro135q92r5ns5o7n8s680582q8074base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/
694 B
1 KB
TextTrack
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ospro135q92r5ns5o7n8s680582q8074base.en.vtt
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:47 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42622
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
694
last-modified
Fri, 15 Sep 2023 04:52:23 GMT
server
AmazonS3
etag
"7d32e8fcc30cb98840564a94dbbb840b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
7W9lJIylcdCpd5CwSgLQ8c3Y7v9_ajLvZVfhmCszPiSqKqdGHTi37Q==
0n08o08on1s95660r3072825o1nq9p2n.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
324 B
902 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:48 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42621
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
324
last-modified
Fri, 15 Sep 2023 04:51:32 GMT
server
AmazonS3
etag
"e0caac5bdf0e177c69940dfe9e392727"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
JXVyRes1y3-pDeImkIqjOIEILb35zQooiVxVxdkS9Mxk7baW_dNqmA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame AA41
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.32.87 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-32-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 15 Sep 2023 17:04:08 GMT
ima.js
cdn-ima.33across.com/ Frame AA41
24 KB
8 KB
Script
General
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:36 GMT
server
cloudflare
age
87272
etag
W/"64cd45ac-60bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
80725c7d4c904522-TXL
expires
Mon, 18 Sep 2023 16:49:08 GMT
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id
MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding
br
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
14056712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Apr 2023 00:06:35 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
dN6ojHaaELzt9ibniVbv33auwZGWtBAofZJWqfd3wB1p48_C9ZVeoQ==
/
trends.revcontent.com/api/delivery/
27 KB
15 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=273646&width=1600&us_privacy=1YYN&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&icr_url=&va=0&time=1694796548697&up=pc&bn=chrome&bv=117&widget_width=1306&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
1f5ea6a05d7b542f9e8517ee2ac65ab31e97a46aac3205aab1950acb713527bd
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
0n08o08on1s95660r3072825o1nq9p2n-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
417 KB
419 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:49 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
427512
last-modified
Fri, 15 Sep 2023 04:51:32 GMT
server
AmazonS3
etag
"e618e031f607c5e5223ac92eac7e0b19"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Qm8GQ9b7rs_1S5efOQXi2XLdhW2PlnBm90ncXiWJ3asP60xs_p6bxA==
recirculation.php
events.newsroom.bi/
12 B
724 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
rfv.php
compassdata.mrf.io/
27 B
479 B
XHR
General
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy05.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQBcam6o7KjT1DvdA

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegraphherald.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 15 Sep 2023 16:49:08 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame AA41
184 B
481 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
58c232050c86885f1e4b27d778b2b66dfafaabe31212da2f01fd2b1fa00b28b5

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.129.0
Content-Type
application/json
access-control-allow-origin
https://www.telegraphherald.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
hb
hb.undertone.com/ Frame AA41
0
525 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=3590&domain=telegraphherald.com&ccpa=1YYN
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:08 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
_QS3pyoJKIay7_e983U9eGAXY-zCJYJe-af9IgeyxfIQizDnjNMTAg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame AA41
138 B
710 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c5d5c4a03ef7b700744c0731c75469e307490817ae7a1f6f0c93b1fec08377e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:08 GMT
an-x-request-uuid
cb93414f-df34-40ac-a3f1-76df4a12e209
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.215.132; 217.114.215.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame AA41
0
171 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.telegraphherald.com
pragma
no-cache
date
Fri, 15 Sep 2023 16:49:08 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame AA41
36 B
558 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71019477e8e8312ac2b5e5558fafb61f28dd238a278eb400c98d03278783ac6

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpHISnzqaVInSDy0tuAxCWhRV%2B0ZLBLCSHLiwFnNyVn9WXpWK73%2BYtknW5DDI3pQ8S6Nk5u0%2FPfLRpVbVS0TsXdTSMHB%2FXTj%2FKtrTyCRPx7fnuoXLW0f9Jc%2Bz3OGw8H1VHEVed7k"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80725c7e6f6c44fe-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ Frame AA41
19 B
549 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tmax=3000&us_privacy=1YYN
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.45.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-45-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:08 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
16
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame AA41
0
119 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ Frame AA41
23 B
469 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&pid=AWEkIU4c5RdAk&cb=0&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_b2771a5f53336ec9%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CSTN_0004186%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
XD20390XTF2X1PG6CJCN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
tSrsNP5WRX889w80whnWDF3N6wYzMyy-patjrEBQ87Wc4Wp5wVHW_Q==
envelope
lexicon.33across.com/v1/ Frame AA41
0
0

ingest.php
events.newsroom.bi/
2 B
788 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
61
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
/
www.telegraphherald.com/tncms/dmp/segment_audiences/
80 B
525 B
Fetch
General
Full URL
https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=d211a82a-067a-492c-a945-c9ddc970d327
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature
geoip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
85
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Sep 2023 16:49:08 GMT
x-vcache
MISS
etag
W/de410bf82e3d4a75bb273aecdd45e609
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app19; 0.31s; 1M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
/
www.telegraphherald.com/tncms/dmp/segment_audiences/
80 B
524 B
Fetch
General
Full URL
https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=d211a82a-067a-492c-a945-c9ddc970d327
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature
geoip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
85
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Sep 2023 16:49:08 GMT
x-vcache
HIT
etag
W/de410bf82e3d4a75bb273aecdd45e609
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app19; 0.31s; 1M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
eu-west-1c
date
Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
css2
fonts.googleapis.com/
5 KB
694 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 16:43:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 16:49:08 GMT
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
30 KB
8 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2023 18:58:37 GMT
server
AmazonS3
x-amz-request-id
NR9QQ56BZRE4KFFF
etag
"36936ca54bdfacb78b91268c99a7c8a0"
x-amz-server-side-encryption
AES256
x-hw
1694796548.cds286.fr8.hn,1694796548.cds154.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
8353
x-amz-id-2
F8ffZmVhCqX6VOdQlv3/TZEMt5taaCRmOTQ3l2AkhDUVYbv9sT22K9YEqD6iSZWaDMyjkPIZY+c=
defaultWidget.delivery.js
assets.revcontent.com/master/
18 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2023 18:58:37 GMT
server
AmazonS3
x-amz-request-id
2077NNB2F05VMEKB
etag
"ac82eecb05f5ff2b22ce8c6902242989"
x-amz-server-side-encryption
AES256
x-hw
1694796548.cds286.fr8.hn,1694796548.cds280.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6452
x-amz-id-2
KoKQxIPhPPpK4vceSziDKF9rYizwveprgVkAGpIE2RkemayvhpbZ7zZuPgXn/FQddlIkNCZuW+Y=
commonModal.delivery.js
assets.revcontent.com/master/
3 KB
2 KB
Script
General
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2023 18:58:36 GMT
server
AmazonS3
x-amz-request-id
W6BGS8T1VXWQKF9R
etag
"7916ca1cce66f75b7ad11bb917bc1cfb"
x-amz-server-side-encryption
AES256
x-hw
1694796548.cds286.fr8.hn,1694796548.cds204.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1666
x-amz-id-2
3B0VP+i3o+944LdwuiLdeLgX9xxlhnyTY6NDjXgZdCqepAwVttbzz8TNGxhLjCe8znNtErJqbkM=
/
img.revcontent.com/
1 KB
1 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1694796548.cds334.fr8.hn,1694796548.cds272.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:08 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
p
api.segment.io/v1/
21 B
180 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 15:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Sep 2023 17:49:43 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1329802374&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&_u=aGDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&gtm=45He39d0n81KJWBF3J&z=487315241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 18:33:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80162
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rc-logo.png
cdn.revcontent.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
etag
"1685634237"
x-hw
1694796549.cds320.fr8.hn,1694796549.cds337.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7
accept-ranges
bytes
content-length
2091
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=BIDS&key=dtKKcuXb&c_id=13403&seq=1&order=5&vIndex=0&absoluteTime=3121.3&relativeTime=1037.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4711&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=185.2&prebid.bidders.undertone.time=223.1&prebid.bidders.appnexus.time=143.2&prebid.bidders.unruly.time=232&prebid.bidders.ix.time=216&prebid.bidders.triplelift.time=210.6&prebid.bidders.pubmatic.time=163.1&prebid.start=2876.8&prebid.time=243.6&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0n08o08on1s95660r3072825o1nq9p2n.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
326 B
903 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:58:50 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
326
last-modified
Fri, 15 Sep 2023 04:51:32 GMT
server
AmazonS3
etag
"dacaae32767109092a002ecaffbfcb25"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
oUpc7qd993eprynaUs0AmkrZ5fffz5btRNdQGvkWBDtHVPKAp1nMDQ==
64f9a5bb888212-37359274.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
21 KB
22 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/64f9a5bb888212-37359274.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=po;dur=357;cpu=0;start=2023-09-07T12:23:44.357Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,owidth=1000,oheight=600,obytes=1425416",cloudinary;dur=256;start=2023-09-07T12:23:44.411Z,cld-id;desc=1f488e604c264b9b64cfdce2349bbed6
content-length
21668
x-request-id
1f488e604c264b9b64cfdce2349bbed6
last-modified
Thu, 07 Sep 2023 12:23:38 GMT
server
Cloudinary
etag
"bf2c86c633d37454e6b075514d4799e2"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds219.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5c96ca4a23d4b6ac9d3ed86aed32085a.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
17 KB
18 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/5c96ca4a23d4b6ac9d3ed86aed32085a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
98bd2a42c83491e583293867e9e89e789573302e9df065122643d8cef9d83116
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=490;start=2023-07-16T20:41:38.765Z;desc=miss,rtt;dur=1;cloudinary;dur=17;start=2023-07-16T20:41:39.098Z
content-length
17667
last-modified
Sun, 16 Jul 2023 20:41:37 GMT
server
cloudflare
etag
"47be6e1fdf49e4a464e26cc6705de8f2"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds252.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
cf-ray
7e7d11314a7a1e5a-FRA
timing-allow-origin
*
1d5be089949e2d65349836b0106b764c.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
18 KB
18 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1d5be089949e2d65349836b0106b764c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
dbb6d7e8adfe681502d6023f30e242ed75cafca1ecd356ffffb4ac7de1b3d360
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=133;start=2023-09-04T04:22:25.053Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,owidth=600,oheight=400,obytes=471047;";cloudinary;dur=28;start=2023-09-04T04:22:25.113Z
content-length
18054
last-modified
Mon, 04 Sep 2023 04:22:07 GMT
server
cloudflare
etag
"fabe4160f1be2a9a5dbc340cd2ebe902"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds203.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
cf-ray
801373868efc18ff-FRA
timing-allow-origin
*
6cb956d9f6145d45ea0264fdc8b1cb04.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
17 KB
17 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6cb956d9f6145d45ea0264fdc8b1cb04.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
f1344d269f3c1728ddfd5278601c670241faaee7a16095228b5624cbadffc6ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=1241;start=2023-09-13T08:45:23.560Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,bytes=17002,owidth=867,oheight=648,obytes=481927;";cloudinary;dur=1128;start=2023-09-13T08:45:23.618Z,cld-id;desc=2c31d566156dcb4e12bc2f90f2878f16
content-length
17002
x-request-id
2c31d566156dcb4e12bc2f90f2878f16
last-modified
Wed, 13 Sep 2023 08:45:25 GMT
server
cloudflare
etag
"79cc5a956d081d6d5e79e1b464786350"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds201.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
cf-ray
805f1d1e3e57690f-FRA
timing-allow-origin
*
c8162845e6860df4bb56954b5fec837b.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
18 KB
18 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/c8162845e6860df4bb56954b5fec837b.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=po;dur=319;cpu=0;start=2023-09-13T08:45:42.263Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,bytes=18289,owidth=474,oheight=367,obytes=34799",cloudinary;dur=223;start=2023-09-13T08:45:42.314Z,cld-id;desc=6ccdfc62490b7edce01dd82a17aaea13
content-length
18289
x-request-id
6ccdfc62490b7edce01dd82a17aaea13
last-modified
Wed, 13 Sep 2023 08:45:33 GMT
server
Cloudinary
etag
"925cf6ff9b785264dbcc314f969e6e31"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds341.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
80f3a132b2a9502092a4625be5613017.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
20 KB
20 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/80f3a132b2a9502092a4625be5613017.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=po;dur=346;cpu=0;start=2023-09-13T08:45:32.865Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,bytes=20407,owidth=1024,oheight=682,obytes=124365",cloudinary;dur=243;start=2023-09-13T08:45:32.918Z,cld-id;desc=920f241c80309bfa19ac989615e31bdb
content-length
20407
x-request-id
920f241c80309bfa19ac989615e31bdb
last-modified
Wed, 13 Sep 2023 08:45:33 GMT
server
Cloudinary
etag
"20ac84a6117b8893a0d43a611bcf70da"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds164.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
9e95fb25a6941c30a7b49a5fb815b158.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
10 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/9e95fb25a6941c30a7b49a5fb815b158.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=136;start=2023-09-13T08:46:20.618Z;desc=miss,rtt;dur=9,content-info;desc="width=420,height=315,bytes=9703,owidth=867,oheight=648,obytes=588644;";cloudinary;dur=20;start=2023-09-13T08:46:20.689Z
content-length
9703
last-modified
Wed, 13 Sep 2023 08:45:48 GMT
server
cloudflare
etag
"40c0b74e883ad9355a5dca555a7af26e"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds259.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
cf-ray
805f1e82dfaeb357-PRG
timing-allow-origin
*
a5187246ad22103231a2a0d05336af91.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a5187246ad22103231a2a0d05336af91.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 08 Jun 2023 15:39:27 GMT
server
Cloudinary
etag
"8bb9b05bf92b6d4db74c4a4145b182ef"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds251.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=493;cpu=0;start=2023-09-04T09:12:06.189Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,owidth=432,oheight=316,obytes=204462",cloudinary;dur=137;start=2023-09-04T09:12:06.500Z
accept-ranges
bytes
timing-allow-origin
*
content-length
15421
61bc300dd86842bf1fb68f400aa0f3ae.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
10 KB
10 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/61bc300dd86842bf1fb68f400aa0f3ae.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 16 Jul 2023 17:11:02 GMT
server
Cloudinary
etag
"2d168921a26c01586b2ad02e06ddb28b"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds149.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=2;cpu=0;start=2023-07-16T17:12:44.295Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
10435
ads
pubads.g.doubleclick.net/gampad/ Frame 174A
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Ftelegraphherald-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214857196-OUuBIMfN8VCDtB3X%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dlarge%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D0%26excl_cat%3Dstl_id00014%26rand%3D14%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3D1YYN%26keywchk%3Dok&url=https%3A%2F%2Fwww.telegraphherald.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1YYN&hl=en&cmsid=2631244&vconp=2&video_doc_id=3000503&vpa=auto&vpmute=1&cnc=55274853&kfa=0&tfcd=0&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=50AD20B1-832D-4BFE-967F-4164195D1AEE&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&top=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&loc=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dlt=1694796546318&idt=2377&dt=1694796549071&cookie_enabled=1&correlator=3048688646332941&scor=4385386030555922&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1944e3890dd35b5406683aa4776a7e76.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
17 KB
17 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1944e3890dd35b5406683aa4776a7e76.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 20 Jul 2023 22:12:19 GMT
server
Cloudinary
etag
"3f7625d41d49463ebd62718360e82c41"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds151.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=2;cpu=0;start=2023-07-20T22:12:26.959Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
17613
aac355d2f9a91d181fd5429c48fa06dd.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
17 KB
17 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/aac355d2f9a91d181fd5429c48fa06dd.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 08 Jun 2023 15:28:07 GMT
server
Cloudinary
etag
"58aa9c2ea6c87926a16df41d7751af4f"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds106.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=413;cpu=1;start=2023-06-22T16:18:53.064Z;desc=miss,rtt;dur=0,cloudinary;dur=52;start=2023-06-22T16:18:53.377Z
accept-ranges
bytes
timing-allow-origin
*
content-length
17638
646e42a24a57c8-25266498.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/646e42a24a57c8-25266498.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 13 Jul 2023 08:17:00 GMT
server
Cloudinary
etag
"c6d4c3b9c4bd6160625ebbae65dd0fd6"
x-hw
1694796549.cds227.fr8.hn,1694796549.cds334.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=107;cpu=0;start=2023-07-13T08:17:05.256Z;desc=miss,rtt;dur=0,cloudinary;dur=14;start=2023-07-13T08:17:05.305Z
accept-ranges
bytes
timing-allow-origin
*
content-length
14948
/
www.telegraphherald.com/tncms/access/meter/
419 B
790 B
Fetch
General
Full URL
https://www.telegraphherald.com/tncms/access/meter/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
ba8098c1b5a9e2fab5ad67b12da0b4a2337a9ed8e078edc71b5eada7fc615188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
259
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
x-tncms
1.71.0; app21; 0.01s; 0.9M
cache-control
private, no-cache, no-store, max-age=0
vary
X-IPCountry, Accept-Encoding
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1329802374&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=access%20first%20view&ev=1&_u=aGDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&gtm=45He39d0n71PDQV3N&z=922465613
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 18:33:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80163
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/
64 B
508 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&pid=rqa1hHB5C1fpK&cb=0&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22sd%22%3A%22tnt-smart-ad-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009963%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-554570%22%2C%22s%22%3A%5B%22960x60%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009946%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009948%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009951%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-559358%22%2C%22s%22%3A%5B%22500x500%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
MC6YT80YERJ87V6ZH68A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
focKwegArn2yPaZQCMfr3-tvYD0eFoIOuHxB8k00mcnmNVmJ5Zdm3w==
ads
securepubads.g.doubleclick.net/gampad/
216 KB
32 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051752591592005&correlator=4265274489875514&eid=31077099%2C31077231%2C31070232%2C21065725&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C300x250%7C2x1%2C1x1%2C960x60%2C300x250%2C300x250%2C300x250%7C300x600%2C500x500&fluid=height%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&didk=3056683171~3106112522~2002308561~3106112711~3106112709~3106112553~1954143341&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694796549370&lmt=1694577600&adxs=321%2C800%2C120%2C1180%2C1180%2C1180%2C150&adys=854%2C56%2C127%2C734%2C1004%2C1274%2C3990&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=930x1%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&msz=930x0%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=930%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=288697255.1694796548&ga_sid=1694796549&ga_hid=1329802374&ga_fc=true&ga_cid=488461565.1694796548&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&dlt=1694796546318&idt=895&prev_scp=pos%3Dfixed_automatic_ad%2Cfixed_automatic_ad1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%2CTHFlex-Footer-Anchor-Ad%2Cimpact-sticky-anchor%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Homepage-Slider%2CATF%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-two%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-three%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Sticky-Note%2CATF%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=3578395192%2C1863230483%2C3697841261%2C2240819703%2C2240819705%2C2988551167%2C1850785976&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64fdfc6f5adaeb9dd4f850aec979b88c28075957f0e8937416795e3642d96aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33100
x-xss-protection
0
google-lineitem-id
6024601394,-2,-2,6362298122,6373692197,6361719787,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138392610027,-2,-2,138443369440,138444937542,138443371780,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c3c26716335cdc27f18d1712d8f7b57f7cab4330c7d84c4285740f598640065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12070
x-xss-protection
0
container.html
49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2F9
6 KB
3 KB
Document
General
Full URL
https://49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 16:49:09 GMT
expires
Sat, 14 Sep 2024 16:49:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.telegraphherald.com
content-length
0
date
Fri, 15 Sep 2023 16:49:09 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
5
x-rc-region
eu-west-1c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.telegraphherald.com
content-length
0
date
Fri, 15 Sep 2023 16:49:09 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:09 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://www.telegraphherald.com
date
Fri, 15 Sep 2023 16:49:09 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
csi
csi.gstatic.com/ Frame 174A
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmku3ub2&c=6753155524736&slotId=3376577762368&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=NO_IMP&key=dtKKcuXb&c_id=13403&seq=1&order=6&vIndex=0&absoluteTime=3534.3&relativeTime=1450.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4711&load=1&status=LVFNLNIY&ac_id=2008&adIndex=-1&DS=found
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame AA41
43 B
300 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1694796548488&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30067&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3000503&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1694796549425&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=937&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&c8=&c9=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
J4SN2obOLh_Jv5cZaAI_kClB9XhTLzf8fO0OcjakjuuJViT_NY49nQ==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=INV&key=dtKKcuXb&c_id=13403&seq=1&order=7&vIndex=0&absoluteTime=3542.4&relativeTime=1458.5&alt=0&sC_ID=4711&sm_id=3000503&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=PLAY&key=dtKKcuXb&c_id=13403&seq=1&order=8&vIndex=0&absoluteTime=3542.9&relativeTime=1459&alt=0&sC_ID=4711&sm_id=3000503&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-28-246.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 16:49:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAA3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 15:23:30 GMT
expires
Sat, 14 Sep 2024 15:23:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B1C0
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf9fdae1e80d1d8105b1adb8f159dbacd4ccff2cf56dd186df25b9d086b5376e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kA2nQ6fhrs3D-9wABY7DIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-kA2nQ6fhrs3D-9wABY7DIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 16:49:09 GMT
expires
Fri, 15 Sep 2023 16:49:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame DAA3
37 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
25917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B1C0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=4051752591592005&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame DAA3
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?n75J1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 174A
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmku3uwc&c=6753155524736&slotId=3376577762368&ghmsh_eids=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recirculation.php
events.newsroom.bi/
12 B
724 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:09 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
recirculation.php
events.newsroom.bi/
12 B
724 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ Frame 1A4D
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zL7y7gKr1bHRi5MWvnlZ9OXqJYoBYvZ26DEQHh3_jtGugkIWzquvYA==
optin.js
embed.secondstreetapp.com/Scripts/dist/ Frame 1A4D
177 KB
52 KB
Script
General
Full URL
https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 15:34:46 GMT
Server
Microsoft-IIS/10.0
ETag
"02f227ec5e4d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
106
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
52552
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A4D
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:10 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ Frame B982
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qCnLia8doUVRdRzlFLld23yrTElmMtc_a3Rc5dEc4DJ6F63auRTvJA==
541022182829069026
tpc.googlesyndication.com/simgad/ Frame B982
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/541022182829069026
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d795b5d4b6e0c653d737ab44957ada4c5b302fce657a5c9ad74eb9e233a8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 12:32:41 GMT
x-content-type-options
nosniff
age
101789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24943
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 20:57:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 12:32:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame B982
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:00:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame B982
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
5149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 15:23:21 GMT
l
www.google.com/ads/measurement/ Frame B982
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-0HSggm3pVE6aJbq8WC0vs9y3mOhNQBy0pV40fcIa2eDpGJI89i2heYpoL0uy0A51WAUU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B982
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:10 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ Frame 7454
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-T-C6TWA-UqwRa3FFV3xLCjXwJt5dQY4rQWEZfW8cGMMXVIjDrwVGA==
4159524897651612409
tpc.googlesyndication.com/simgad/ Frame 7454
131 KB
131 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4159524897651612409
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 19:43:50 GMT
x-content-type-options
nosniff
age
335120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133742
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 21:50:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Sep 2024 19:43:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 7454
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:00:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7454
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
5149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 15:23:21 GMT
l
www.google.com/ads/measurement/ Frame 7454
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTmy7nxLu02QCQz0-lhSiB81n5lF3ADnqYmEiydxRaTUkYalJ-cmGeSH19EDePWdOu4H0s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7454
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:10 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ Frame 2F3F
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IxtNQHwI92104ZeorBM-I3_hjC1EP9AT-nOHg7N7kQ1soElW7m1qNw==
14679568334586638181
tpc.googlesyndication.com/simgad/ Frame 2F3F
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14679568334586638181
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:02:53 GMT
x-content-type-options
nosniff
age
312377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26247
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 21:34:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Sep 2024 02:02:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 2F3F
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:00:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2F3F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
5149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 15:23:21 GMT
l
www.google.com/ads/measurement/ Frame 2F3F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPLHEpZawlAB1nhmmO93MStRm_blnDPzeRd1G0rMVeC4fCQDbtErgJd4Jco_8id4AhyvuK
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F3F
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
468 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&pid=rqa1hHB5C1fpK&cb=1&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1009921%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%5D&cfgv=1&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
1QXBAQ9AF5HYM89XG6F0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
G3SK1NsWy52sne88OKD_KjVpzx6UW8po4XDYQlqxQTUuUkYptel4wA==
view
securepubads.g.doubleclick.net/pcs/ Frame 1A4D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujNm7lgCAkX0pSYfPV6bGYwClYNqbQaAzPs0Xotn1BO9aiyaTsPLRE0ohEcfGbj84A05PwfhIp8kuu7iTdXMFbhu3-keADIcJVdKqpjiDxu3hOTMuej2AJfitj_fv3Aj1dhFsV_ZdJ2wb9GMhN7GbCN9REPjVn1Zq46OecrSw5MlNtHiTnS4cjXf9Lt0x7FKcgFX_TR0dlWXj438kDyixVr49k4F5nOR5ADLmegjBGBFkPEr-7tmvQeM0EzLrUAYWuy3RLHgbLL-fscIqkSRTOfreuhwmjwISRqHwTY8-TfYAlbomGTqde9K3PY8WfiKxgCFtNFqnI7yK_Q2k-_1XY3qss51Yp6kiAsis2Fevz6hRLSRM&sai=AMfl-YQOHQ9Q4I-ca4vWAL_p0O-MKDWTB1FqIroZ-3PjySKFY20tEAD_PBhkAO1aUbe7x79UfvtHkyKf-OUBHw_6tnIVodN3Sla25tZzjreZwPr2Jx0pqUJ8DsdB9WE7JpE&sig=Cg0ArKJSzB_YN3pDA-xoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B982
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD2Z3X9WXPlCdPQHjZXqfFde99ShgsZrvw2lseQueA7J5QDMTcTYlGN-qsjj3bvEwcG-SHTTpWUkYNkXWjvhF7_H6cb-1eYf25YNMYodTMgIzNesyQEl0a0MggkH6ncsWpnFaU6JibTc7qzSXl-67fKkq5VTgWU2xIrszqqB8CHbdVvXTqFlGarhgPKXVp7nTuqY269qEFX4zOSCCd4vJB3T-4pO6WCX4uk8PF-SwsrwiO6VstrZnB-SN0Fq04RPVcAOeC53xthZ1DTYtb3fmAx2SB2HKw5EoDfdPiuJCleHYdzl8SJV6nwRIvKtRVXxtEZdyEl5mKlJN4uyhm9TzV5xOLLI445FzN2pDHF2tRNffA54_EAP8&sai=AMfl-YSK2PxOIFmQIFVTgNMn-RZsHIjIDamvljDvpOzfOhD5W77fCWvFozyO0ou5Jwb9gCRbh-1F7oFuw1UPeAbz-SJpLDNZoF-SoRMDEGnwWvapr6eI7THvfiUYvG9nap4&sig=Cg0ArKJSzGnZncYvcVSHEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame B982
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4aa725adaf778ba87d0592e62b2b6b2f4909bb818d79c720ba58c0f0ebe79c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2F3F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9dgoUldwOrbMIoXfhn1Mex54Q-8yCRMZGOsKGo6-h4SpjPe0pktFwmJq92DovdFb1B6vxDMxNeOxexeKu69spzcVTBQIUNlkMd2kQbn-suV76nHTlw8a-ASus6C4N8QD5aNRLhLgBcLXFDzlw1OsUBJeBBWEiafATOcRXsDeI2gFSTmuUNI9x1KALPJHPEzuFNSSbGisFVK5FdOsyczG7FqOd5WcaROdJnNBu0VQbTPemxK8B7kxAsHoNUEH0S4-NwN_hJ-7AzI148tc-WHjrrfkU0iUF5cV0POD6Fk2bVCcOsfeRZjhdaetI5tF7SdXReqZJTNLJSQ_tikMh0uLBvQtqW0UmA825uURuEJEeQ35k7T49Klg&sai=AMfl-YRWQqqcNN2kbK8egYZG0g8Baw7kPR_ini3_-sMSEJ4TFuEtUuMvjb5VIn0RPtEpT-oyALwSAJmf3YuZExhKfdmnnMyzdkf959dtGyXc94ta1-Rrg_8pXGm3V8XIV5k&sig=Cg0ArKJSzDZK1yUr0HWEEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 2F3F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e72bf40eb96eeb8ed4ff10748e5bdfebeb38552404bb0270eaad7e9ac4da1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
62 KB
23 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051752591592005&correlator=660611966249051&eid=31077099%2C31077231%2C31070232%2C44800855%2C21065725&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=8&didk=3106113153&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dada30539d6737d75%3AT%3D1694796549%3ART%3D1694796549%3AS%3DALNI_MYnBwSUFennhDJhN1Lf3Ue_JsdEsw&gpic=UID%3D00000c762145dbb7%3AT%3D1694796549%3ART%3D1694796549%3AS%3DALNI_MbPKrg5i7CghfkIUqFvpsUgB3Im2A&abxe=1&dt=1694796551382&lmt=1694577600&adxs=1180&adys=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnuIcCK25hT-83z_Hn2jZV-Zm7xUuGiAsJnkEfmMzVAXggdQtnfFOzDvSjdAmhOa9CPvfCuc76G7U1H9gqro3VNGf3QONHC%2CAOrYGslSki9FbwTOCiZBBjhFLqwn8HOUEmuroYztcjJ8X4h3zs2e9XdO7OgihhEB3pcIhLiFYfxAMYV_BJuj6S6xnL_6VD-9DCvS%2CAOrYGsltZggbR2E0kH36pqah2qXIjCkfXijSPKsXaaawAQJ8WmryhNbvnv4DKxm8ouo9F-oR4zgWMMA5hILLweRCgsSlvq_0Mg8o%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsk_IyZZRfdXNScbNLBJR5FogA2HwgA75h5VKOsQeg21tXzUy4Z_1nwmbv8CZbTq9GGjb4VWQZGutqKVVE8bGQvrsTmKdNRl&ga_vid=288697255.1694796548&ga_sid=1694796549&ga_hid=1329802374&ga_fc=true&ga_cid=488461565.1694796548&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&dlt=1694796546318&idt=895&prev_scp=pos%3Dsticky-side-rail%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=2196492607&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92603d67d0718a258c604685ca9759145f186ba603e9c4fd9f0b3515b5b8285a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24027
x-xss-protection
0
google-lineitem-id
6186000154
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138431169595
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=4051752591592005&bg=!OjmlOXbNAAZQjyUVcI87ADQBe5WfOKc5J7xp8aeBkuW6yr1ri80Pdkfo7PZRWCZJ3sKkVGkxIWyxeQx6vVKgDlgqVkxRAgAAAG1SAAAAB2gBBwoAAyUM7JkC_rooxB6TTiyLenb0hrjys_RAUvcLq7VA4ccncdDr4r3-uIRqSObagyY2qL3mcWHmzPPysFgRCvJMrVMuIR1MG7rdWyEkFgCqKTHEg3p5l7tqOgnJDV4l1MBAO2KUIaNFMLjZ-tPcbHQP0twvXF0gGKv7uIi0cXmuhTF-0VUyeDN9wg_ZsxDdj_MjwGbl04FmRT66LhFJW4v8bgiSa5GAsjKwBh0KwCkgxVfCFjKdm10jXu0ptT76AaS1CGPYGXAni-LpPbo_KesM-Fjx_AYNZPqEaoguCX8zsSO24NQH8INik2R2k0C7o6LXH2KEXCFqSUKHGMs4zQnBzhX3NBIx9w47DHcyOFieQ_ZzrEtQwU9IfEVWCT3jncQ_UlqYAIchWJ4rNKrMeMdNbb2tRJsusvAc3wTbvGb-j6eM2nJnBPusz3Uw2b6_XVwzR0YV0Md1Xl3FQJWj_MV8rpzl-UPKH9D6zl1V9EpXsDJ2GiQw-QE646cwW899SmtQs73wEe4HHK_eaWcw-4928taXudWX7rAYucSwzKbfxHAFn3BKBmd-D7tx4JxF47Ur1SbzD6xkjVRhs2QCi8sDMC4LJuj8FEYc2oSO3p7LJ-L9jkCURhoZnv33kA5QY0QJJqArmBojuhJkkq7Tp5SEAkQKJw8rH6mD27wR8d6Jo3m13gbrCqd0vHV3Y-Q7VHvm74wztUn899J8cEe57GZ6e8Szlz9AubTenvSC6vtnt6qMW7Ggg8cxoHV4F_xWoCR-OhgEBiO-SaoXvIUdIGbyYaZqzdyBL1dtF4GQXmotOqUW_JKe-iDwitZQwUxixBPgE8kNMTq0KoYdAqIIJXxNut42e5LnjNlSvDmdCv3K20gs1wU1kebXYeZxDVRGcDzjXxUZnZARljmpZLn49FNJ49pKcJNgYPocGt4AjjJBFyWVryeEALHcsxurh14-FvoY1fZr0kWCM2lb3YI56Ajz17Cz73m9RvAcMLkUrtG9CuI_w1yrA1-QHgye1FFLPCgEi0syiGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 7454
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_bYJE0-_PdBIHYfEbo_5euLUQ6pqFY0vscLsjGCd5blAkeCOKHXP5huKJ-zaRGevkn2-bCC68a1fM7sgUtgvhT2eK3MlKQrMbZVo4wjdLEzGPYNF9ZS0IqQUT0t8yaEBzF2IUe7qAnQwsZia-HqNe-ejf4FUjV8mqYmvtPv8_Vr5FDvw6BlGQJUNAaVZ6sAoaUV6BHea-UUxrlv0liKK6i5TY1fgs1qvcwUqffMDrmgWtPPaxIkPGPf-aP4Lrg1bZ7FgA2NJEagHN4q2SOx4HuWa-KXUzIzYuZnpg3hZqQta4RuvQwyFbErCmRqKkN6rbPHiuKuN6PuIahmpos6aK_G3bNZ1PxJSfT97J-aUhLzgxQHqO4WY&sai=AMfl-YR-UDunB4ims4yReE0c0ImWmqMhVq6SBjqP0LglBZnOMhgZ45N-ttzt7_NJVnbToE5PJo0jqphc1QECFpsSulQQZrvwN2xuzpTxUcLeRnxQLR6QiWW_AAFKrkV2VWk&sig=Cg0ArKJSzO6URlJA0Jj8EAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 7454
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eee5c73f462c4f429b8d577f737ca4bded0bb1ea455db1413ab06d91c25e254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
1987373
api.secondstreetapp.com/audience_signup_widgets/ Frame 1A4D
4 KB
2 KB
Script
General
Full URL
https://api.secondstreetapp.com/audience_signup_widgets/1987373?callback=secondStreetOptinWidget_1987373
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4385a7720880cdd5031fe75803209a9303453a1094abdf103f6fb6170e79b723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:13 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
Age
4
X-Powered-By
ASP.NET
X-SS
107
Connection
Keep-Alive
Content-Length
1513
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-StackifyID
V2|a1360e47-ffd3-4707-866f-c467d771b446|C69601|CD66
Cache-Control
public, max-age=600
Accept-Ranges
bytes
Expires
Fri, 15 Sep 2023 16:59:07 GMT
truncated
/ Frame 1A4D
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc8f50aa837575aa859a04ecaf8914db15cf4e8c77f3bcda79dcf16f4856637c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B982
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubOU-pfe79z7S1BaOOGntg3FLI1dD8jC314SCX40gVJxn3paMh3LCqbHEn-pS5a7uBm6-OgkTJYUuRWQ9mW7jucDiD0HmJWBcggF95lnZYVq3LyGnBUaKF66mkRrSDnB9ENezHRKQzmJWKfzewZDVp91IAAuz5HXs1Mrh6f2Ilr2HaOAAXeuuWjkBEHe7q-i4pNs1Yl04flYeGNHpL3ndZS3KSZarDTJAMEvp-OhdGnLn_sVjxrR2pivE4Rz7015QdzkvcTWv6TKmQCuY3EWIGbOKgftlf5XTW4W11csQlcSUvrUHEcLfVWnCUytKYZoS82jCJxFl6SFK_bS4b7MOL-exAD3G8Y7k2-DOmhj3NWnlebgnX_PDpZw&sai=AMfl-YS45BZ8j682DvYaVyE5Xld4g314QCKfD3dbcGzIl9cLMa0zn-ME7LP1Ub7beCgLc9KG7PZjFRBBwol7zfdp-hLrApHoXD6309fbYjnPN7zFiMOSvnrSFMmF8WjyBxo&sig=Cg0ArKJSzARm_dX6EJ1NEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7454
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZxbyCWbZp8WNiEZ6-C0NCew1erfQSKqZNzFSc5OnHl77LLTAib8XtTaNzUxNYA3ALTNeARa2zFfRCAp09fsXUJT7BRh1CQCKnzXBoTgfMdMQXzZcQ7Uppqms1xNMKz3sXrqt8DRWQ4O8WWZGHxZnBQyf_IH7ueWjO5b2HAtHjyc_6gfdtKDjUtnSQWoH0fba1e_U2TIX8fpumjrfiW9FD38izy0ok6ctr1xdNVptYaCwVnyJlG7mQLvToFLiUB8jw-3hIdERodR1I_RSMoZp9fzua901jQaH_eO47siBQhYBJm-N43sm6TxgwMmPHgSwcoBmkLW7o2MYdygdd0_Za7fgDWia0rpnxzX1PrzdqR1L05kWWrq1xbg&sai=AMfl-YR9y3itBqZe1brkUqToagtL9dbwjxrW2N13xidyB8QIJEg1i76SfmihPoJd_dXF3amoopdfPHymCLEEwgZlu37PjmPmg2TiptiWhVBQoPdJ2WY8kflvM0eijtpoEfQ&sig=Cg0ArKJSzGHRKWrxYBBuEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F3F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2_LT1_nG6O8L21iXRBuD-LlYj4dTlFXosM7q_QcGZH3RrnDFQRywpuEva6oozCrPhFqlbnURaE9Gra9fENs2j53rIsmaSeNTq_BBqgsF12mtDJ-NJHGPRTWKRQzepGJlcQ6BVakygFG4Im048_dHHzor1_FGzqxod0Is_e5mTqoio9N146OnAoKWJ12-8kxBGddOpcFGVwsr8RP7P0riWp5r4uQ2hElvkVu253ZAg2z4ABsWUTM4RWFe0NZVYjctwqHgPO6p8jkMB8vkFgbxJndupxDYFUqgyfU-feGiZlUvQP6XeIEkwYkVsGjbd-MC6FpSx1RNPPnKw51gBluuMR03QC1hnKWXoXxA1m4uQlayXXCePzBEIaA&sai=AMfl-YTjjJq8AWm33Dqg6-bYdeJ5RRhjGPSzjcVYOOTM6uuSTUkwko7C12qUzQVFNo1JfwScQeWUpI1tbt8NkDMWyiRwqr7i51nGSTFceTcdIHg2CKyX_7k8-icmAvhptvk&sig=Cg0ArKJSzL-dQPaK6957EAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:11 GMT
css
fonts.googleapis.com/ Frame 37A3
2 KB
469 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 16:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 16:07:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 16:49:11 GMT
THLogo.png
archive.thonline.com/syncronex/images/ Frame 37A3
12 KB
12 KB
Image
General
Full URL
https://archive.thonline.com/syncronex/images/THLogo.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
cf.thmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94c437b53ea9f9f159c59a8d194eed20f75e0d91bfbbf6c4a45b156390000f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:11 GMT
Last-Modified
Tue, 22 Feb 2022 15:18:54 GMT
Server
Microsoft-IIS/10.0
ETag
"ae4e6081ff27d81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11838
view
securepubads.g.doubleclick.net/pcs/ Frame 1A4D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbb7q0tjQF6yTzl2mFOipNnpzg6W-W8QX2avjZTBSm0YVaWMvyAfqeD2OVAR57uY0bh-Voc0nffUN5qNYAfa1AEk7w0PePYiQUHa_OceadTqUMywQIWgRKFL1s_R2mRICdTkkgFc3HnCyrnSZt04W9v-6Ebh-h-bCkM93DwaQRks7WoEHQLDUQjPTjEq-0HH-XWEu2klX_3OdxLZzuHLHP9DekZ4EQs6x0TOZ4wLm0i82Iw7DTsdn5wvzlw6DS8WV-bggYBGAmObNwYkU-OEwV3J5gzBKJ4GuwDsh8Ws0NFKCvaf9Z11HdBHs8iT--z8i6yKU2-FDYJvGAX2MT_7OrmK-U7fEav-S7P1vTPQwSFfkb845zCw&sai=AMfl-YTDRieFjZwh-K8sL-sMV6JPFJ_2tIFaoOk3-_NmwytuPLTzSlEZeltJvZipTtn6Cwoeutz0fFWYDe-nsMFUD-MUcw_dEp4FvSlspYNnVzGEMaIwmluSxlqRswMP_SA&sig=Cg0ArKJSzHTfNvR7ZUtqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:11 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ Frame 37A3
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:35:15 GMT
x-content-type-options
nosniff
age
80036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:35:15 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ Frame 37A3
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:35:15 GMT
x-content-type-options
nosniff
age
80036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:35:15 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ Frame 93B9
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-60.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:16:44 GMT
content-encoding
gzip
via
1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
MXP63-P4
age
3835948
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b7Z4dkxz6yMmCkGr6swJlfxyYjuJqELHU_gU7-0qF9EOhshXXRjB7w==
6586040974430877014
tpc.googlesyndication.com/simgad/ Frame 93B9
35 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6586040974430877014
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 04:14:10 GMT
x-content-type-options
nosniff
age
304501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35769
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 16:55:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Sep 2024 04:14:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 93B9
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:00:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 93B9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
5150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 15:23:21 GMT
l
www.google.com/ads/measurement/ Frame 93B9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFgvhtj0kcn5UkLbnRHy9jOq9bhIx8NfDQYx7f4Z1GU25N2EbVMjFz-angXzQhq6D_LKb-
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93B9
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:49:13 GMT
usync.html
eus.rubiconproject.com/ Frame 4442
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Sep 2023 16:49:12 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 93B9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviS27C8MZgEsriBebG9FUdEi3wcdTqDrSVlE5kRM6ifpJAkWVa9wRL8N9UcFnX4vljsKq0NDrWLltpzokzdJBX6KGGxfsmob01-rxdvHTWd2w7BS6heGn9xXuiL2zPmYe0GjPDp5nLVHBhJC3TAlyYnPaVc1hmeBxMxreH1Q4bCJ7QNxUyYD3NBM_Fl2hxfUOkCYZehKBtRLWSxX54BELW9dlZG6NoLCQrXltpsQe8yQaELOH-iFVlsn0lJYoteOpbT_a4hYf4z3VvCAcM1vuvxtL7Ryps2xMKNRf9sTi5yiqQdM9SsFIBEsDstA4BX4SzvLiEol6jobkP5UIDy7NQQ4B1iikhAb5w1uZ9epz17oVyLvWNJHo&sai=AMfl-YTuVJjM1JGBHtlaZHRDSoq4-eYNUSXalR11F22DrfhVlEsYkdno6_zay0ndLxHACdNwA03fkDP1-CvUMUphQUo1HCeRHcXWK6DLIx0va0uyOgwpr47Eco-IDvXGD04&sig=Cg0ArKJSzAIXW8p5kaoYEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 93B9
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e892934718b572f17a56e83647ec4a83ebce42b536de31cf83891d81361b4d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 4442
36 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 16:49:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82075
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:07 GMT
khaos.json
token.rubiconproject.com/ Frame 4442
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YYN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7454
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2kiBrldR33buhNy0WPAQ05FA7r56qyiu0V8vD8xFxfMgLWGjdWsGETO7wUTZdL03sljlrrAp-3QHhHUSGSmAnsNEOBSeLdu01gYFnaGHh5AjKUNyk4ji13hDDRhQa&sig=Cg0ArKJSzII-CmXmxQ2DEAE&id=lidar2&mcvt=1001&p=885,1180,1135,1480&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819705&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550473&rpt=1227&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B982
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGgubko5uwH_2KXCWKcJPRvCv80v7PDkCpEvT0q1ZPZLFBQDv3p6RYa_Ia9-z59ZalUx_TfHW3Hy9LEXx3RaWIqk9_llrxAzU4u4vLBtpsJ0F7wKep5gi8-IE8LxuW&sig=Cg0ArKJSzMOXn8k2w3CYEAE&id=lidar2&mcvt=1005&p=615,1180,865,1480&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550334&rpt=1339&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A4D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteF5eUvvSJx1hvjfnxTdPwRcvQphk1Ok6dnUhMiX9uxG9PrOzrKbGpT1T7Ctiu5DUH4TCb3Sctlom7rwjfa7h9Hnazi2sBEkEpUxPpCEiqVUHiBxTsSoC1NQSwuiOM&sig=Cg0ArKJSzJJ4HV9Qw_jREAE&id=lidar2&mcvt=1000&p=735,535,985,835&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3578395192&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550148&rpt=1679&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 93B9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAGuZr2a0lDxIsV59gwrwRNYl4MI7Rtbe1QUo5opLXCiiUc2H_Qo6Up0RSlpbGR7xOWjBenpiFpp7IFcg3Z-ki9y-G4fjMs3fe9KaZQ7UtYmzzetIq6O-cvlWXq7gR5RnaSILQdxFR-3VzQC4DfGAgJVekwccSz7DQymQlAMV7G6HV6VNBCrjJYG21Ck1SIZeTPnIpkHzi2EPp_BTaZkJZPEviiH7OO0hGhvM1QHm43zMYpffK1IkrEKftoQItYeiHltVNs6T6-EPvyLnZbaLqbqUAKWpsgDphI1vArPoi14QmHcDCWIN4vQe3kOFtIG_KUI0paqdOWYbqn4kGOXPN86R8nyV-PzdvfkAHIjy9w3yXr5oNp4t10Q&sai=AMfl-YSh8cIEtQ84GZfW0NFngQEolb2sl9zpF2ioowbkXlLg1aVwwG6Dgw8GJXbMar8rr4Er4G6y9EessIgL41KwqNfQTgtrxF4w7Sa6x1QjsW1xBmV8JdSIIryrgZwXbxQ&sig=Cg0ArKJSzEzwTH8kvD35EAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 16:49:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 16:49:13 GMT
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 16:49:13 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
0n08o08on1s95660r3072825o1nq9p2n-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
1 MB
1 MB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0n08o08on1s95660r3072825o1nq9p2n-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-128.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deaf6910b8470d51fefd3ff88a1e8b0cf018b9eb2e019c17dbd755f2ebb9c070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:59:24 GMT
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
42591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1361120
last-modified
Fri, 15 Sep 2023 04:51:32 GMT
server
AmazonS3
etag
"50bc2aec215f7b3964e640259612f38b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
JkoYtEPH5Lk_-PvIu80WuDYL0hiLsMB8v3eabRJfpkq-4FTQKhf5nQ==
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=1329802374&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEIE&sid=1694796547&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 16:49:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.0.1&us_privacy=1YYN
Domain
s2l.sendtonews.com
URL
https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=QUARTILE&key=dtKKcuXb&seq=1&order=9&vIndex=0&absoluteTime=11161.9&relativeTime=9078&sm_id=3000503&visiblestatecd=I&soundcd=OFF&quartile=1&pposition=float&floattype=s

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture object| dataLayer object| OneTrustStub boolean| tncms_access_control_sync object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| logProductListViewed object| logProductClicked object| logProductViewed object| logProductAdded object| logProductRemoved object| logCheckoutStarted object| logCheckoutStepViewed object| logCheckoutStepCompleted object| logPaymentInfoEntered object| logOrderCompleted object| DkJ8aj2 function| DkJ8aj3 object| xop object| googletag object| 7dkfsoclngg object| g9hkhwxysjk object| gptAdSlots object| apstag function| e function| t object| marfeel number| _sf_startpt function| showBuyPhotoBtn function| fbq function| _fbq function| TNStats_Tracker object| TNTracker function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| G96jEu2 function| G96jEu3 function| xblocker object| qPYByg function| qPYByN object| xblacklist object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| __otccpaooLocation object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| google_tag_data object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass string| GoogleAnalyticsObject function| ga boolean| creativeVendorLibraryLoaded undefined| google_measure_js_timing object| Optanon object| OneTrust object| analytics object| gaplugins object| cancelEventType object| cancelEventLocation object| cancelEventDetails object| item object| myKeywordList object| webpackChunk_marfeel_compass_multimedia_sdk object| tntSignup object| userStatus function| __tntSubscriptionAccessRecaptchaOnloadCallback boolean| checkedForPromoCode object| tntPurchase object| tntOfferPopulateModal object| tntPayment object| paymentPromisesSpreedly function| SpreedlyIdentifyPaymentCard function| SpreedlyallowSubmit function| SpreedlyPayment function| submitPaymentFormSpreedly function| enableFormForKnownUserSpreedly function| selectedContinueWithEmailSpreedly function| copyLink object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate object| ID5 function| withinviewport string| sMode_1034732 number| iAttempt number| iMaxAttempt boolean| bDmpTrack string| sImpressionPx object| socialReferrers string| referrer function| getRecommendations_1034732 function| shuffle_1034732 function| trackImpression function| stick_in_parent object| gaGlobal object| gaData object| __id5_instances object| _33across object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 number| __mobxInstanceCount undefined| __mobxGlobals string| theFingerprint string| theURL string| theByline object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| headertag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| closure_lm_129641 object| closure_lm_555736 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| sUserId number| google_unique_id object| GoogleGcLKhOms boolean| DFPMessageEnabled object| google_image_requests

26 Cookies

Domain/Path Name / Value
.telegraphherald.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1694796547%2C%22currentVisitStarted%22%3A1694796547%2C%22sessionId%22%3A%22b5a9f11f-759f-4224-a57b-8d4c5da2570b%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%22%2C%22referrer%22%3A%22%22%7D
.telegraphherald.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1694796547%2C%22userId%22%3A%22e70bcdf8-d048-4953-babd-c69d1ec47b58%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1694796547%2C%22timesVisited%22%3A1%7D
.telegraphherald.com/ Name: compass_uid
Value: e70bcdf8-d048-4953-babd-c69d1ec47b58
events.newsroom.bi/ Name: 2738_u
Value: e70bcdf8-d048-4953-babd-c69d1ec47b58
events.newsroom.bi/ Name: 2738_lv
Value: null
events.newsroom.bi/ Name: 2738_ut
Value: 0
.telegraphherald.com/ Name: _fbp
Value: fb.1.1694796547275.1033576860
www.telegraphherald.com/ Name: usprivacy
Value: 1YYN
.telegraphherald.com/ Name: lotame_domain_check
Value: telegraphherald.com
.telegraphherald.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.telegraphherald.com/ Name: _gid
Value: GA1.2.488461565.1694796548
.telegraphherald.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.telegraphherald.com/ Name: _gat_UA-1002501-1
Value: 1
.telegraphherald.com/ Name: _ga_1KSYYTLTZT
Value: GS1.1.1694796547.1.0.1694796547.60.0.0
.telegraphherald.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Sep+15+2023+18%3A49%3A07+GMT%2B0200+(Central+European+Summer+Time)&version=202209.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.youtube.com/ Name: YSC
Value: 46GlVzObTCY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: aXYPo3X4Gws
.id5-sync.com/ Name: id5
Value: 0
www.telegraphherald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.telegraphherald.com/ Name: ajs_anonymous_id
Value: d211a82a-067a-492c-a945-c9ddc970d327
.telegraphherald.com/ Name: _ga
Value: GA1.2.288697255.1694796548
www.telegraphherald.com/ Name: tncms:meter:assets6639bb10-c083-11ea-ae08-af90189f6992
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn_t6a_fvh21tyA_G9do1CWKGeCoZvcPjFpGusM95tTFASNhc20NzWbBB1jDWI
.telegraphherald.com/ Name: __gads
Value: ID=ada30539d6737d75:T=1694796549:RT=1694796549:S=ALNI_MYnBwSUFennhDJhN1Lf3Ue_JsdEsw
.telegraphherald.com/ Name: __gpi
Value: UID=00000c762145dbb7:T=1694796549:RT=1694796549:S=ALNI_MbPKrg5i7CghfkIUqFvpsUgB3Im2A
.telegraphherald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1694796547.1.0.1694796551.56.0.0

7 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
api.secondstreetapp.com
api.segment.io
archive.thonline.com
assets.revcontent.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revcontent.com
cdn.segment.com
cdnjs.cloudflare.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
embed.secondstreetapp.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
invstatic101.creativecdn.com
js-sec.indexww.com
l.sharethis.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
oa.openxcdn.net
pagead2.googlesyndication.com
platform-api.sharethis.com
player.sendtonews.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
region1.analytics.google.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
www.accessdubuque.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.telegraphherald.com
www.youtube.com
yeet.revcontent.com
lexicon.33across.com
s2l.sendtonews.com
104.16.133.24
104.77.32.87
108.138.17.85
108.156.2.60
116.202.150.116
13.224.192.181
13.225.78.11
13.226.175.128
13.32.119.77
13.32.121.21
13.32.121.35
13.32.99.22
141.95.98.64
151.139.128.10
162.19.138.117
162.55.144.217
172.64.148.101
172.64.149.180
172.64.152.89
18.203.57.57
18.239.18.118
184.175.83.79
185.64.189.112
192.104.183.109
2001:4860:4802:32::3
2001:4860:4802:34::36
23.32.184.192
2600:9000:20eb:e00:c:abe:f440:93a1
2600:9000:2250:6000:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:2089
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:82ec
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.216.232.229
3.65.104.49
34.102.146.192
34.120.133.55
34.241.108.134
34.96.70.87
35.160.35.184
37.252.171.85
44.210.28.246
46.228.174.115
52.223.40.198
52.58.45.126
54.197.229.45
69.173.144.137
69.173.144.139
95.101.149.233
99.86.4.30
99.86.8.175
01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0c84c498773a7bf8886f05dfe5f414e4b53fbd8aa2c448f5e26a4b83befdb232
0e48f0d912bb3db0ba23630fc04fe4c07393b4efe3227b49dc1314a661b0287c
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e
0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6
197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7
1bf00649d48931a37df34de72bd5f3fdeb35dd731cb30b0083bf356ad6b01050
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5ea6a05d7b542f9e8517ee2ac65ab31e97a46aac3205aab1950acb713527bd
200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29e72bf40eb96eeb8ed4ff10748e5bdfebeb38552404bb0270eaad7e9ac4da1e
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
2c3c26716335cdc27f18d1712d8f7b57f7cab4330c7d84c4285740f598640065
2c57a5c8635e32219c8cffb12844c6b620b036730aa16a900e4d340ed7aa43cc
2ca99099e62044f90c611cc0afe309e4c21df12345d7b15aeefc3c2230352b08
2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5
2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278
30047215b0ae630d9b377ce7ed9c1568233256fc6d7c3dcc729d0de52a445af0
30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
3494d17a7eddcc1f2157db72d2b64d0255b3b1a4e83314207fb34f4f2edf9ba0
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c2d938226572319f1888ae1b0be2bad23d9dce1431180fcb5bf3f542fa4db56
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
426113221b8ffe09c48f255a2be770815d1f6d4256ff677eff1c1de5009f0488
4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87
4385a7720880cdd5031fe75803209a9303453a1094abdf103f6fb6170e79b723
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b856c515e96f86e2f9ff5418c119f5e5c00831ea28c60235115f25fd991edf7
4bfbb6172286a6ab9314504a55dcd79217e35cc1c7319615a8995577af4c8a57
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8
5126ccf3097527765bf8adc3d53a9e9647b57684a495143e00832df6d12ed8b5
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
516aac25ecedde23191fb756dc1175e4d43ff19efa51f4fd474bce6e560bee59
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58c232050c86885f1e4b27d778b2b66dfafaabe31212da2f01fd2b1fa00b28b5
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd
5eee5c73f462c4f429b8d577f737ca4bded0bb1ea455db1413ab06d91c25e254
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64fdfc6f5adaeb9dd4f850aec979b88c28075957f0e8937416795e3642d96aa0
6509b47e7d2ae329dbfd211c5e0f6816b368cb30b00c8e93c502b32792d3f4a9
66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b
685b6cce93fd4204c04645ec0077e93ba23660ebdb0cef27172ad9eee5664201
68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
6b1e0c4d01987438c823ddada5028966cbb63bdbd65e1558304a9eb985c96136
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edd42686ddddc5cc5a5ad6e45305a1e0cf72a0c3e1790d59091ffb26070259e
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6
7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91
7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef
7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8df152316fe36d7897ebcd8b3e5d7930811c1907a80342cab545bb68bd023923
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2
92603d67d0718a258c604685ca9759145f186ba603e9c4fd9f0b3515b5b8285a
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94c437b53ea9f9f159c59a8d194eed20f75e0d91bfbbf6c4a45b156390000f24
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98bd2a42c83491e583293867e9e89e789573302e9df065122643d8cef9d83116
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9d7b31298b1677591809a6dd1fc186edf3ea2215e5a715b50fb7a31017dba949
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9f6114de4e1f9c80ad04cc403b8472320d5604ac43816db5c1540a17101e93dc
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6
ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02
ba8098c1b5a9e2fab5ad67b12da0b4a2337a9ed8e078edc71b5eada7fc615188
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc8f50aa837575aa859a04ecaf8914db15cf4e8c77f3bcda79dcf16f4856637c
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
c5d5c4a03ef7b700744c0731c75469e307490817ae7a1f6f0c93b1fec08377e5
c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f
c71019477e8e8312ac2b5e5558fafb61f28dd238a278eb400c98d03278783ac6
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf9fdae1e80d1d8105b1adb8f159dbacd4ccff2cf56dd186df25b9d086b5376e
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d795b5d4b6e0c653d737ab44957ada4c5b302fce657a5c9ad74eb9e233a8be
d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e
d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3
d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7
d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da779586ab94abb7d4cc76ee20bdee72681057173160798962835e2758746dfb
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbb6d7e8adfe681502d6023f30e242ed75cafca1ecd356ffffb4ac7de1b3d360
dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaf6910b8470d51fefd3ff88a1e8b0cf018b9eb2e019c17dbd755f2ebb9c070
e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc
e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8
e4aa725adaf778ba87d0592e62b2b6b2f4909bb818d79c720ba58c0f0ebe79c9
e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740
e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e892934718b572f17a56e83647ec4a83ebce42b536de31cf83891d81361b4d21
ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
f1344d269f3c1728ddfd5278601c670241faaee7a16095228b5624cbadffc6ba
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f
f3a66a18e4acc069bf082e67acf97c03aa3184dc0ce37977fad64fa37bf04ac0
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672
f6834d2fcad7f7350612d2ab661502632e8cec741537b94ee67812c7298ec675
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e