www.telegraphherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Submission: On September 15 via manual (September 15th 2023, 4:49:17 pm UTC) from US — Scanned from DE

Summary HTTP 309 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 74 IPs in 8 countries across 53 domains to perform 309 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.telegraphherald.com. The Cisco Umbrella rank of the primary domain is 866413.
TLS certificate: Issued by GTS CA 1P5 on August 3rd 2023. Valid for: 3 months.

This is the only time www.telegraphherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	108.156.2.60 108.156.2.60	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.99.22 13.32.99.22	16509 (AMAZON-02) (AMAZON-02)
3	184.175.83.79 184.175.83.79	7393 (CYBERCON) (CYBERCON)
4	54.197.229.45 54.197.229.45	14618 (AMAZON-AES) (AMAZON-AES)
1 6	108.138.17.85 108.138.17.85	16509 (AMAZON-02) (AMAZON-02)
18	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20e... 2600:9000:20eb:e00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
8	116.202.150.116 116.202.150.116	24940 (HETZNER-AS) (HETZNER-AS)
1	3.65.104.49 3.65.104.49	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:6000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.239.18.118 18.239.18.118	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	18.203.57.57 18.203.57.57	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
11	13.226.175.128 13.226.175.128	16509 (AMAZON-02) (AMAZON-02)
8	44.210.28.246 44.210.28.246	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	34.241.108.134 34.241.108.134	16509 (AMAZON-02) (AMAZON-02)
1	3.216.232.229 3.216.232.229	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.11 13.225.78.11	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	104.77.32.87 104.77.32.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.55.144.217 162.55.144.217	24940 (HETZNER-AS) (HETZNER-AS)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.32.121.35 13.32.121.35	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.58.45.126 52.58.45.126	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	35.160.35.184 35.160.35.184	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
309	74

14 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.telegraphherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.156.2.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-60.mxp63.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.175.83.79 (United States)

ASN7393 (CYBERCON, US)
PTR: cf.thmedia.com

www.accessdubuque.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
archive.thonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.17.85 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-85.fra56.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 116.202.150.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.het.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.104.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-104-49.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-118.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.57.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-57-57.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.175.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-128.mxp64.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.210.28.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-28-246.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.241.108.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.232.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-232-229.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-11.fra2.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.32.87 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-32-87.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.144.217 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy05.cl03.het.mrf.io

compassdata.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-35.fra60.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.45.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-126.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 17305	377 KB
26	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8030 trends.revcontent.com — Cisco Umbrella Rank: 2550 img.revcontent.com — Cisco Umbrella Rank: 13098 cdn.revcontent.com — Cisco Umbrella Rank: 9388 images.revcontent.com — Cisco Umbrella Rank: 9446 yeet.revcontent.com — Cisco Umbrella Rank: 9031	285 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152	312 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 pubads.g.doubleclick.net — Cisco Umbrella Rank: 412	216 KB
15	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 14127 embedcdn.sendtonews.com — Cisco Umbrella Rank: 15353 s2l.sendtonews.com — Cisco Umbrella Rank: 14150 player.sendtonews.com — Cisco Umbrella Rank: 14961	367 KB
14	telegraphherald.com www.telegraphherald.com — Cisco Umbrella Rank: 866413	198 KB
11	cloudfront.net d29xw9s9x32j3w.cloudfront.net	2 MB
11	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 337 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 675 aax.amazon-adsystem.com — Cisco Umbrella Rank: 418	134 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 388	184 KB
9	google.com ampcid.google.com — Cisco Umbrella Rank: 2819 region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	671 KB
8	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 8334	4 KB
8	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2408	234 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	358 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	209 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	42 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	284 KB
4	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 967 eus.rubiconproject.com — Cisco Umbrella Rank: 669 token.rubiconproject.com — Cisco Umbrella Rank: 657	12 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1907	34 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 427	62 KB
4	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10520 compassdata.mrf.io — Cisco Umbrella Rank: 60349	50 KB
4	secondstreetapp.com embed.secondstreetapp.com — Cisco Umbrella Rank: 55897 api.secondstreetapp.com — Cisco Umbrella Rank: 49622	107 KB
3	google.de ampcid.google.de — Cisco Umbrella Rank: 71967 www.google.de — Cisco Umbrella Rank: 5677	889 B
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4447 buttons-config.sharethis.com — Cisco Umbrella Rank: 5278 l.sharethis.com — Cisco Umbrella Rank: 4833	47 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 939	171 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	25 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 81	67 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 568 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553	67 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	263 B
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1107 lexicon.33across.com Failed	16 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 946 bcp.crwdcntrl.net — Cisco Umbrella Rank: 963	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	187 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	539 B
2	accessdubuque.com www.accessdubuque.com	12 KB
1	thonline.com archive.thonline.com	12 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	300 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1265	180 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 639	549 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 550	558 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 268	710 B
1	undertone.com hb.undertone.com — Cisco Umbrella Rank: 4047	525 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1246	17 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	17 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	396 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1143	357 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5704	173 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 749	12 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1086	410 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1583	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1597	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 660	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1593	3 KB
309	53

	Domain	Requested by
54	bloximages.newyork1.vip.townnews.com	www.telegraphherald.com
15	tpc.googlesyndication.com	tagan.adlightning.com
14	securepubads.g.doubleclick.net	www.telegraphherald.com tagan.adlightning.com securepubads.g.doubleclick.net
14	www.telegraphherald.com	www.telegraphherald.com bloximages.newyork1.vip.townnews.com
12	images.revcontent.com
11	d29xw9s9x32j3w.cloudfront.net	www.telegraphherald.com embed.sendtonews.com
11	cdn.cookielaw.org	www.telegraphherald.com cdn.cookielaw.org tagan.adlightning.com
9	www.googletagmanager.com	www.telegraphherald.com www.googletagmanager.com www.google-analytics.com
8	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com tagan.adlightning.com
8	s2l.sendtonews.com	embed.sendtonews.com
8	events.newsroom.bi	sdk.mrf.io
8	tagan.adlightning.com	www.telegraphherald.com tagan.adlightning.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	c.amazon-adsystem.com	www.telegraphherald.com c.amazon-adsystem.com embed.sendtonews.com
5	www.googletagservices.com	tagan.adlightning.com
5	www.google.com	tagan.adlightning.com
5	fonts.googleapis.com	embed.sendtonews.com embed.secondstreetapp.com client tagan.adlightning.com
5	embed.sendtonews.com	1 redirects www.telegraphherald.com embed.sendtonews.com
4	yeet.revcontent.com	assets.revcontent.com
4	trends.revcontent.com	assets.revcontent.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.segment.com	www.telegraphherald.com cdn.segment.com tagan.adlightning.com
4	assets.revcontent.com	www.telegraphherald.com tagan.adlightning.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	region1.analytics.google.com	www.googletagmanager.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	sdk.mrf.io	www.telegraphherald.com sdk.mrf.io tagan.adlightning.com
2	eus.rubiconproject.com	embed.sendtonews.com eus.rubiconproject.com
2	csi.gstatic.com	imasdk.googleapis.com
2	targeting.unrulymedia.com	embed.sendtonews.com
2	pubads.g.doubleclick.net	embed.sendtonews.com imasdk.googleapis.com
2	imasdk.googleapis.com	tagan.adlightning.com
2	cdnjs.cloudflare.com	tagan.adlightning.com embed.sendtonews.com
2	www.youtube.com	tagan.adlightning.com www.youtube.com
2	www.google.de	www.telegraphherald.com
2	id5-sync.com	cdn.id5-sync.com
2	api.secondstreetapp.com	tagan.adlightning.com
2	www.facebook.com	www.telegraphherald.com
2	cdn-ima.33across.com	tagan.adlightning.com www.telegraphherald.com
2	cdn.id5-sync.com	tagan.adlightning.com
2	config.aps.amazon-adsystem.com	tagan.adlightning.com c.amazon-adsystem.com
2	connect.facebook.net	www.telegraphherald.com connect.facebook.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	embed.secondstreetapp.com	www.telegraphherald.com tagan.adlightning.com
2	www.accessdubuque.com	www.telegraphherald.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	archive.thonline.com	www.telegraphherald.com
1	sb.scorecardresearch.com	www.telegraphherald.com
1	49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.revcontent.com
1	api.segment.io	cdn.segment.com
1	img.revcontent.com
1	hbopenbid.pubmatic.com	embed.sendtonews.com
1	tlx.3lift.com	embed.sendtonews.com
1	htlb.casalemedia.com	embed.sendtonews.com
1	ib.adnxs.com	embed.sendtonews.com
1	hb.undertone.com	embed.sendtonews.com
1	prebid-server.rubiconproject.com	embed.sendtonews.com
1	compassdata.mrf.io	sdk.mrf.io
1	secure.cdn.fastclick.net	www.telegraphherald.com
1	player.sendtonews.com	embed.sendtonews.com
1	s0.2mdn.net	imasdk.googleapis.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	js-sec.indexww.com	tagan.adlightning.com
1	ads.pubmatic.com	tagan.adlightning.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.jsdelivr.net	tagan.adlightning.com
1	tags.crwdcntrl.net	tagan.adlightning.com
1	invstatic101.creativecdn.com	tagan.adlightning.com
1	oa.openxcdn.net	tagan.adlightning.com
1	static.criteo.net	tagan.adlightning.com
1	cdn.prod.uidapi.com	tagan.adlightning.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	embedcdn.sendtonews.com	www.telegraphherald.com
1	platform-api.sharethis.com	www.telegraphherald.com
0	lexicon.33across.com Failed	cdn-ima.33across.com
309	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
instagram.com
dubuquetelegraphherald-ia.newsmemory.com
dubuque.bigdealsmedia.net
thmedia.newzware.com
www.biztimes.biz
www.firstcitizenaward.com
www.herdbq.com
myvacationland.com
store.telegraphherald.com
dubuquetelegraphherald.ia.newsmemory.com
jobs.accessdubuque.com
www.gofindmyhome.com
www.gofindmycar.com
portal.cityspark.com
telegraph.clickitrewards.com
twitter.com
wa.me
dbqfoundation.org
tinyurl.com
smeagol.revcontent.com
help.revcontent.com
www.revcontent.com
www.microsoft.com
www.google.com
www.mozilla.org
bloxcms.com
bloxdigital.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
telegraphherald.com GTS CA 1P5	`2023-08-03` - `2023-11-01`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
accessdubuque.com ZeroSSL RSA Domain Secure Site CA	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-19` - `2024-07-21`	a year	crt.sh
assets.revcontent.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-25` - `2023-09-23`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
ssl03.cert.cl03.k8s.mrf.io R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2022-11-21` - `2023-12-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
ssl02.cert.cl03.k8s.mrf.io R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
img.revcontent.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
cdn.revcontent.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
images.revcontent.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
archive.thonline.com ZeroSSL RSA Domain Secure Site CA	`2023-09-04` - `2023-12-03`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Frame ID: 116875896FAF5AFDA7A2A60CDC0E520B
Requests: 229 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: AA4104085C371265909CF7FA4087F42D
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4EF7404F67F91043334EF98CE61AE305
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 1526C7E84376BE7BCD33689BBDB8340B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 174A0C32CA971F170FC433720A41FA09
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9FB7D0CE98EE8776C0AC4AAEA36FC5B5
Requests: 1 HTTP requests in this frame

Frame: https://49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2F99108EB9C3B2E85262BBA4E1CAE5E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAA37F22305242BCE66D7BE1E05A6AB2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1C09480BE5A9D47F57E637C49707290
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 1A4DE3251A512C4DAB2015ADC7034A29
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: B982B12E7C0D4A7524A48FF0C98B0A02
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 745487D849DF7B6200E0D4743558B93E
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 2F3F06D9AF51DD71D9D9D3CD0B48E7A8
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 37A31C2761D79B871D5A2EB6A297C165
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 93B96EA28087A4394DC7043CF0C5A76F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Frame ID: 444248C7110206BE9F5C698A9A720038
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Public comment sought for draft of environmental assessment of Cardinal-Hickory Creek line | Tri-state News | telegraphherald.comBack ButtonFilter Button

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

309
Requests

99 %
HTTPS

41 %
IPv6

53
Domains

82
Subdomains

74
IPs

8
Countries

6451 kB
Transfer

15428 kB
Size

26
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TelegraphHerald/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/telegraphherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/TelegraphHeraldDBQ
Title: YouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/thphotodept/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://dubuquetelegraphherald-ia.newsmemory.com/
Title: Today's eEdition

Search URL Search Domain Scan URL

URL: https://dubuque.bigdealsmedia.net/
Title: Big Deals

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/common/template.jsp
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://www.biztimes.biz/
Title: BizTimes.biz

Search URL Search Domain Scan URL

URL: https://www.firstcitizenaward.com/
Title: First Citizen Award

Search URL Search Domain Scan URL

URL: https://www.herdbq.com/
Title: HER Magazine

Search URL Search Domain Scan URL

URL: http://myvacationland.com/
Title: Vacationland

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/product/your-neighbors/
Title: Your Neighbors

Search URL Search Domain Scan URL

URL: http://dubuquetelegraphherald.ia.newsmemory.com/marketplace.php
Title: Today's Print Ads

Search URL Search Domain Scan URL

URL: https://jobs.accessdubuque.com/
Title: AccessDubuqueJobs.com

Search URL Search Domain Scan URL

URL: https://www.gofindmyhome.com/
Title: GoFindMyHome.com

Search URL Search Domain Scan URL

URL: https://www.gofindmycar.com/
Title: GoFindMyCar.com

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/TelegraphHerald
Title: Submit an Event

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/2023-telegraph-herald-trips/
Title: Trips

Search URL Search Domain Scan URL

URL: https://telegraph.clickitrewards.com/
Title: TH Perks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0EFWeoruB88n346EpgFmPg
Title: Video Gallery

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/dist
Title: Carriers

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/telegraph-herald-trips/
Title: Trips

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&via=TelegraphHerald&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/nonsubscribers/core/ratelanding.jsp?edition=TH&delMeths=A,C,M,I
Title: SUBSCRIBE TODAY

Search URL Search Domain Scan URL

URL: https://dbqfoundation.org/giving-center/the-local-journalism-support-fund
Title: .st0{fill:#492E77;} Support Local Journalism

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/product/th-article-reprint/?article_details=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%20-%20%20https://www.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Title: Purchase Article Reprint

Search URL Search Domain Scan URL

URL: https://tinyurl.com/rdue5tyt
Title: https://tinyurl.com/rdue5tyt

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/xYKNNTlm7hWuNA8IY39WOSTLcQhU9DjfzncMgXxCQhRpldKS7aO61E3gntoUtoldW7dDdD6dnsMiEYV8A6IjMvgpiwE7weK1NK3Q066iGXYeFzdYPLW59PIAtYJMbRIStfxWzpK1DEQ0ojSE_SIpEm7K1SNd7kZ0SnS6SLqxkYTnFgG6nYBBcHpyoSoU0blNhtmIWgKzWbWRZwxpnnTG9ZNJ8MGZxewY3iZL6i5jFawmCF24GLVFBf-4xGfNQdOHinKgyzN_rCd282ePbbsq5ieDITSYUThYgjKT2kQY2AJCE8LytIm4G7Z1NUrG8FWhiJNNctirp3VqPvPBbr64Qhqv6ov3glCTk0j_x057Ops0mYtOo0IRoxk9wklOAEmmARMgVn2sUMZCQMIIN_8VsSC0PvZ_2umI2c5U9NTv3A4dmTxYQxKZTvjNQgW81IbPfb_kbdgKbPleNJxs54O5hs2AqetSGk9zJwkBs6B4YMgARgXk5Q_H5avX09m73HC_fMFpvWnO-_wKbuuZHtpjzKLQ-T7diayHxGS0z6AfdD0VriZjI7d-obsmDzCuTV-eIdbrTchdE53FzyYfczpnc6lTCPPI4nLFgv8ARur_Egyjvyarw0vkc37G4EJfsnTam3_kUnzKodEFFXP9sURPXh7_JKZBMqng0WUMZfwb-UdrLXSe_e0_ybc8LpH8-0sIuKb7s3cCdTUxRryrG80lsSQeXvGQ5pVLXJHuWiACloNr67UrlxzZbs1qKyirn2jIeSKk1QHsmJ7WMED2KLnFw2r0X9OnUxRrxbJqajwP-fztzlHb4a-5eiYGccYgJlencJ1Scjd2zO629e4AoybN9B-eYcjS6SMXQbA-CIMD_ws_?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABAdgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Eine Einfache Methode Zur Kniearthrose – Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/Pzaittt_CZ5Gb5vIMx4cM59YaJwNJy5JhXuLyGNYzV7ciGGyRsegRLRtMf9N91RtHL1nMBtUbM2enTI0_EidopAK477B2rztSpqYnSA7aIElLK6iIxES_JyyS_gz57TWGfzoZeJeaK0Wj_uXaDftePxyQenIMSWJcBQf6h0fHm4acaWVkBDw5Uj6yBk0aiySW8dkvnBnACrMfPQWoKLJ5mVkz2EE0SfAKbMdfsqbxQaTz4NPVnb13QEZ1KHpdC_vigyzyMEW5wm_dnhuPA3FL6Y8eF2pQAcX9ubuVLgqPSe31-US6rwW7rUmOv6TtcGYh0yNtExzghhGH8mwEC20o2tCNvcoWQ5EvCWIUB3wYXwOSN1Gez6Dw8nkgT-j1Ggj8PpZM4_jrP5tx4zlHHi07-pzPzf5WYXqwZwdv0E1lcflBdGsz3pdGZINqehgZrZx2Q1bAJqqmGnHj0Z931VKati2ujSs6IdtMpSMJXai2RibLCiBsVPbw9_M2LwLjMTm9g1KGKOwYBrVOaOoh6gMzWcKkm6rEP5SXrJCuqTtJwpq7z4Nu7FuNVxaE_1IDX44TFcWfpr2F1VF3XRIMp-C8SUg_rS60Twha5uQs53Kfiy1wWfxbHaqVgnYy2KApskALRcctFWW39lOrf-HDrxZoldLgABFrkBrua6TSlg-EoFewDeMKkqxq8gLj-jyg6MOxVQ?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABAtgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Unsold Laptops in Local Area Could Be Distributed Almost for NothingLaptops | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/c31PL1QhdmNNmxoFx8c8h_sMEbCeyKyhyBV1OvhfW6Ge4mPYLQCGP1uZxZtn6j4Z0G63omcQbAohD3bT1AoYLR9htM4TV3dPFa39Puwf2E1VBCiwPqezjHPNaZBiO1g0-7MfX9BlX_FKx4kHzT82XZRE0P0TLXtOJgQXtIiIO5-rv5HdDyYb1qRBB8Pz1zvV65BoWcz5pbzbFKJkEwiwTqEzJsQWTx_xQSaiKKXhglKox_nc6Bs-k9PttMJECgXJwM2WW0pdSkQvdxaN_UKQXwiPvG1D4K5pVR9FH8cwohp8wdyW8Gs-L9VBJqOhJ8wEx1lMLrZ1bY9D0cDChTjBd0pNH2qn9F4SLEOy43d6BYXI1svWSu7do5dU7NysRcmP8mVgP_4mUYUUW44XIu_NpsJU5jNUH7KYBOHDwctv91zbRWT8Akl2_YhCq-1A9kbmQa-6T1sIhwsfrzDQQ0x-TMw4I_pFzUtEuck0zmC6ez6ejUBBhXeGYrpKDYGF1dK8DhZrYb8pJ-WzptSJEn1XarCRsN_rcLVsC2gvm00kR-JCW2zgnisuQrwzosQY2Re7UeZwZIiWjpNV__PLbypHnjRiaRKPjYuyH6piAH8?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABA9gBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Eine Senior-dating-seite, Die Tatsächlich Funktionieren KannSenior Dating | Search ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/6JjrsT4KdOabbZ8fZj34jw21m0JC7znUjAvhg6GH1zJMGS3LzJ0BOVTJHOEAOb677mo8vkBgv5DeYy7BnUiG9ons1fPw4z00Dbcsh8VjMtfOBYMj_e3y4eeMYpUeNZkkJNLmwvSqwnpP7uxl5oIoW9DPdfnWwltIJTqW4T2hLvflYoKUEMOGoROB1155ItsXjs2IlgTrFgbA5CL3zELXYKFKS8sqzUGviYTktB_GGGO1M4ASXGuODU3hFdjCx9HFa8NS2n2RcNJgDBABzxy5df12U5IjxXDcw2Id2lVgiivFs7Y0rVpSYE1dkzA9iYgvbCmT_KzYnj_EMhZa3mc44Jm6BMYxubHndL15RGmEcEY90lTmQlFyxjHAQWiq0ayvKPnhubgpyPetYq27SdKk4IUjED6ppq4jhpWEr_U1f4aMvHDeGXoLi30S16b3elc9Ndh31h-BatZ2immlfN85-O0oX57QnDCSDPj2dpNwg4Y3MlqNhmxkjl09MpNOEhmGKe7Yq74ziKKwQ_bkmXo52A4Y9DIa6lt_Al2sEu_nxDf6hyFgPEa9-wjVwF8heTheoXv4O3ufxnPZPmbb7fpq6zQr7E4rNI_pPwdnIIqlQMpeFpLNlsLzcF9mBHNZ?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBNgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Local Area: Innovativer Mobiler Treppenlift, Der Keine Montage Erfordert!Stair Lift

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/mbymqhY6D3ed6ydGiXx2qWThE__kvwZrA_bqyO8tCUp5PUfEs1imC5mBrnwLhlAgAsJItGViuyC5Mr6qeCPSZNsxWASacmFVpX4jU95jbsf5itwvzVW1oKQ-ExzEvk1qBV-aDDlHVQCZbZbanFrbh37LXc1mGweXgl5mGvl23zDpJLaUnD7PP-YvYNtH4fl677YN6s4pKLOZIdAv0X5NP6eSQU-vlYQsPdfu4VhnalMm46eyvVPTxiHrvkeWYaGeFXIACL1S444glCOPln8bdOFGPoTcfT3n3elPod8L9i4BfIzIZf5_qr8X90EXdfCBpVfXSaBlV58QTNM6b0Q1tyYqNJPnFEMB_jDaR4ORPoB3G7X82-bxjQNKHOYdHvQoIHz45HP0J5s0vQXyyZQ8Ch98UO5n0DZ6XmL0T2ohiQ_y5152UPLtmV3-mDNdDspLmUshrRJhQYVj9V9m1L5xHzwPfEJfvGYbCumQdDQKHXcGmc7mwzglBcXxensgrdUkgzLWNUxnhu2CI2ThtaXdxtculmdWPYu5ENe4-kUQlr7MSjWmSfMSjpv8UzTPcRFFgwrEBd0vlbasliKX_fW2QS4?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBdgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Local Area: Unverkaufte 2022-suvs Fast Umsonst: Siehe Preise!SUV Deals

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/WufWAqzQWbQvbBBPBRrsyRoG1oqlfG-q9fnht-DtFlFpp5JPnKQTd1sQ6Z9dDPiKprUsmA5SE-NxdPG3nmIyAHWcGw8piQOUCPvOhNYrbI8wBaAsdA0fo6pFI8OgZH6PuG-cZODH9Fp1EA3s4Bpwx15rgoUtj4EXIaKalZrF-Hlu8dnVLJ7QRm034rxqSmWgwtn8KEK44qG4G81QpnHf_8mcyUMxZRHDio-ZDbjZJQkONwJ5cmdXADc38ltHCJpaCsxb1dQfuWP7VYrmqBUn5BZA8eeYOVVVYzeuPFOS90WYhHJRQcfkGnjqN-GJV1UQhukd2NGR0gV_9aw88L1JTfbc5ITHtLR_7FQtgwlb0KVqrLb-unGCPmBa9ccqVi0jxWzjlJTDNNPNqIR34EpMtaRVcVrwj1EMis98Cy1II15aHgS9VOx3FBDsvRWlvN1JBlGSZ3bZUq14awbAy_EcXwHk8MLUPHo7Zh5A5_qf8tZ3InTNwdZBokJxhPzZPwAn3yAxhIDA_7IJWMVPHXfErA-2eMTFFOQ45tSb9PzqHhHBFglhFrHSClPbzJBf2FqDBPp5tWkFTmbJ-F21So_Kt4OQuMq-zE7JPlw_W6d9Zc2FwR-K8OtMu76fq9xNzZ4fT_e84Q?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBtgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Wie Eine Feuerbestattung Funktioniert, Sehen Sie Sich Das an (hier Klicken)Cremation Services

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/wMxSkqEdt2BHP0Rub-K1-tYjFPiik0tRyeKqHqnlYS6HLIiw88FfG-ObFpOGMUPAsxy8xgm6oegqeyCww1oX_3JZKhs0lwt3XCvDHMAmVGqDBlK-BxexRfQz18uWoWg0HIKZi7Lz38jDJHud4wnp3ao0NT3dQoy_zgpA4_Itt38QSWHwG3jk5vU0mt2gwYDaQsHiZ5BmUtC8oHPdhOCdZDB3b9uDexqu5iKJxBOHImCINxvqCBq6F9aKBfaWYe2xLaI98z7X3tmuLzmwzLCzdVizukMmFXD1l20QWNZGqixRZ2Nd7vJnAkTCacQFkSRxAyouNewR2uBWWbc_oXsrLWgPJrQ1c5NxbPV0WufSExDz3uOGTJL8nKsi8Kv37YkHl2Jt5YDGx1DdjrJHNwwDwxAEeLGQUTIG3lnqKpBG-ghukuYBXDJHnD3E1D0-AakPzOrCIHgm8GLtV8zBqfEvYepTzJdBc0miJYH76oqHim6flA8H-ajoH2JyHX2pohtHtbbik-Mtfwz7877jIaRf9BmEeh_ni4GnGo3mt-yrlIcDFD7HeTJckLplsNuvsN_dw9lhmekOzSfeD7lzBK1djKpKHl9jBBnIruv_S-X-R4cjBZYq-1bnYKTrPiTa1u8fI-vXo44?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABB9gBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Zahnimplantate in {Stadt} Kann Billiger Sein, Als Sie Denken! (Siehe Preise)Dental Implants

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/5T-yMmg1QsFybtbNHLJBHJfNtHblqde0eaXOwO93PE85Swfnfve0B9hI7GHyK0pm9wN4M371QD9zTfa1NJCZMxWTgD7RjZGKzSSpq4OmEGycRDSFIoQWhcWNaHGau_mniAnnOUVJ45mMY0-Te5hUvg35629GI8xis2ZKr1LdqQmINCmpgSRo7rsBBHl_UyAJj--_r4bhAI_cGL6APtc4GIiV1fijI-s4PQv-7sSUXitLgDi_bekBnZTRo-_LFYCWl9xS9BicA11wtyeB8sgN2VW4WdK0OIiw3FcQqtAPp_Yms5sXMRxksOaYno1GMqNAjyaw8MYIwVq_SawejHlNV-XRM-1IMe3Km2LsBbHVyNRMX86pvnm2VfKj9IcSE9Z4ipWsY8V5mJ4R1KGrv_GVac2VaUx1_i4zYZ5WDc4mFk35G2FU1a5U6LaqsJhmOd8l14K9pr3m5TysTlWQeW32U9E-3imHpZ3ikCMI1vX9r3gfhH4FNQWPom9yORGVTC9qrhtTTBSS6xv9cNGoZ9Ix5iTJN7EdwpJb-T190-QqEa4mwoMsSdfFBDbIFJV6zHsE0Pu9CaEUIlLoDWxIVl6TowRkQkyeel63rSS3gKldOOgrW-1GwREzxcCWe1CtBOU?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCNgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Abendessen: 10 Lebensmittel, Die Sie Niemals Abends Essen SolltenHealth Natural

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/E2LTASV1oy6ZsZ3x2r0bKBkCy_qD8Ctn6mt01ls4hlDe6kbh1DlW1WVwacdS-IISjh-HoOmWrDEYug5i6fid2udacgGZjY0YIiJ3ItT0YG6N3Si5vXTpTq6zvKb9FO3juPp8ts8eARetLiZTi0tpzdx0GP0mfqklFMyuZVif5zU6WGFVF0GYAM7Fq8inSONf7oPWAEC98ChcmBCEAiw5-IQ2lFWQ6CLa0_ii_jk4oBidhI4umH8New06-DXF2WliMuAvG81dkr7olQnzavIGeSmvfR7hhJFHnBjjtVjQZeO5T9NZ5dyyy9XawA3S9Zv-U2w1pe57cETTZhUgwWjEYY9fxIIg1m8_y42gcXquFgkDdHC3GuS48eVbKlWm0r9aSXSmUtmhymwYRal-kF6NFvfgXIyem3lf_NBOvuZcaXSKlfZaw4WwVAgOyv2MGAg_Zmn5XMRVzR7_jyrkHnL4FiEoCVV2LXRmq190FlRQKwA2c_28oj5J5mk_8QytO7ZqJJnO--tRZvJ3LbeVsVuJofLh93grmECqYyuAkqvGXpgetX0wx5uwAbdxr8HCW4hwgzeyUmShXZStCIbRbRymmfGCYLMIEvtbB934CZ3fxrQIbHprkjoGGBHh9S7NKKPxo8Njd7egohswuMheSx2Nl7kNiUSRlK2-CggnuO0CWkfTFq9n_4o?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCdgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Internet Without Landline: Prices in 2023 Might Surprise YouInternet Providers | Search Ad

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/56FuWlcLmBrZetK88sR9yLFwntSXcEpnqTSKafduOuGbWbH1y_Il56cv5n3uhqc0JRB28m1MSmkgVvo74wTELOj4snOHNjpFXOj6mExR0tyN43bsL_eqFPHF5CJRmTMY5EKZmNuMDMCcTfVYT20WEodrEYiJ6HwSFFz1uwOTw9b-WXLkdEQmgnosL8yv-_3RpMlMzt1lD2NU8zoa5_qAyLwdwyJxGnvnw46pF-y08OU0MSJ_E5xEKGbetPdbTKX921ghdPUBn1bJOezavUUULhTqwgZpRQb-gCuirPJ1alSvfSzoOj9TAXWz5gx06BTqLG2eT2P7Ua8e25HDtqX8Le76ZtbpezgHYsgrQ4U6vd5Vcuoi0-AJ9sYsb-C7KanjHhNalg_-RzzTzZgbirk90VN1WDOhbNDoq1DSUgPId4gcuXk-FQ-2ZO7m7mrOQcra4rHgPNnuBtqYj3D7ZD7DGyhMOzPoBCe4GamGYfCN__npj8qjYPjJDxw6NELqEtObbia35viGFKxE1bzC-J3-LEEzgnN6BksmW9oegas_JZpXqmo1242QGaXnab6ADRXxwqjuYTYS4kSS-HBM6IcGvoynNjLB8jiK8_YMTR_domJP8m6MDp2SxuMiGxaaOD10qHW-zG30Uvgynnr1pLcgILIeG27j-Tp9YU6nFnBIKrLsPbzyUmcIeckQple_QrZFSKSOOWKpuyXcBX0?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCtgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Local Area Mattress Stores Could Offer Surprising Discounts (Take Note)Mattress Deals | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/DcmFG8W7cZ6lZ93TWh8SvPY315tSgWUDNJF-OcuTULWn5v9M2cjgfyT__XHPR2cwIT6RlZXJI158Bg4AhXySECsdh5q6z_5ysA0EGuQrisrZ0i-joToSLDjTpGdia1YqLmRHVdAHt3m_z18BG51hXaQJzVZJ-LPAQkhTOyh7zQkpQUr30aIKZBW-Q37Gphv6q_QtViC7qDREnZjHl2OJjylf2FokA9J2UDgurIo7spW-0bYSup0LDPO9nNRJYqSKj_uITSc6zFeP_D4ASmj_iZbt-nsURV4_iDC-CM3d4-r7mkKA2qcqv_h7BvSeIUgkXrVYG4GL2DkM-nTC8gZ9NrhytDp95SwvYWK8ZZedPIgTAWXbR7NCo6ALlF4PfAJOHwPEj-oE-8wl-VTuReegRYy58KbEkvHyt2dMoLP7l2sjdJpm5IabRTcc6a5D3uhPF8X0g36453CeIz18FWIpUOWjYQk8owNb7ao4CmKmF9pzOl9Yb-uRx3vn7xtqoPsc6ytoaxK25LSYrUsY3TMJ5BG6h1V6w7OeYL9RLSX5BwFNZcZi1hMS5mzeoF9ASHV6MkjmawpD6BOFOBKFCA5GhMWxUyIFylfQuldq9W4RkcpOW7od2UiyZXE26A_UWGI8_yrXWch0iz-pXyanYhqnDseAq0_kW8KPQYeY0bZcPw1YeHwmMsg?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABC9gBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: How Much Do Electricians in the US Make in 2022? (See Salaries)Electrician's Job | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/OcXlmlFFu8adYD5_zZV3kabFT6vbfkbm5dnvJNlr0Z-66rsLow_uwwoTf0eM1Q0ZpcgX7LJp0vzj22Rr1aLPk-c15pa6WqNnd6pCDGjzhIMIhJePiHPMKvYQbO5PXKoa8pPZLwN5ZdPb1ZU2qeEJwQWoDieH6EKw9yAg9qgdr7uizdYvEcuGj9aFJIGTuDIAAAOC7tqRYAofacmANQFjhGuzqXK9WkGe0qsFmzJm6OgFKNXAxPpKr-fGGLsiyzSoF5Zfjn4b182KFm-7Aft5PelSaBo0I_ZmNmg9KAbNsBtTS0JSft764lpJyiz9y6ZZep5zPNZ7HOne7Wn9CnDzg8zzUMKpTliVULNSKLZU3AE8HlfymY6-hM3Eo74Vpatr8AqcQRuFQCpgcktXQehm_rylYFcK11gfvfbjUYLKcQUBlZaQkLOlbmb4KedH4q0ZLSZD0QFjift8OtWR-n2UNNI6KZMG2xDPj-gIyQ?p=GgFDMISWkqgGOiQxM2QzZWU5MC0wZGQ3LTQ4NjUtOTVmYy1mNmUyZDBlMDMzM2JCJDM5OGE4ZDA5LTgwYWUtNDFkMC1iMDZhLWIwMWU2MmFmNTc3NEoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABDNgBso7wAZEChetRuB6F6z-qAg8yMTcuMTE0LjIxNS4xMzLqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: The 50 Most Romantic Hotels in the World for 2023Best Hotel

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TelegraphHeraldDBQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403 HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js

309 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html Show response
www.telegraphherald.com/news/tri-state/ 583 KB
141 KB 423ms
206ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

3494d17a7eddcc1f2157db72d2b64d0255b3b1a4e83314207fb34f4f2edf9ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42
cache-control: public, max-age=300
content-encoding: gzip
content-length: 142443
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:48:24 GMT
etag: W/a0ed64bf25ae8f65a9e6600752db57a1
last-modified: Wed, 13 Sep 2023 06:00:00 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.71.0; app5; 0.36s; 6.7M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 95ms
43ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 82897
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Tue, 12 Sep 2023 06:30:39 GMT
server: cloudflare
etag: 0x8DBB359C864B571
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84b29714-201e-0007-16b2-e555e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c6edc0318e6-FRA

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 122ms
54ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 624098
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f5e2c7e-FRA
expires: Thu, 25 Jul 2024 08:30:46 GMT

GET
H2 200 user.js Show response
www.telegraphherald.com/shared-content/art/tncms/user/ 3 KB
2 KB 191ms
191ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 15:06:26 GMT
x-vcache: HIT
age: 286
etag: W/"64f9e6f2-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 121ms
54ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6205242
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f692c7e-FRA
expires: Wed, 27 Mar 2024 10:56:11 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 117ms
51ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4765357
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:17 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137065-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f5a2c7e-FRA
expires: Thu, 21 Mar 2024 07:31:20 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 97ms
31ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2629013
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff382c7e-FRA
expires: Wed, 14 Aug 2024 19:01:20 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 138ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 566785
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 18:40:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6495e71c-10fa"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f5b2c7e-FRA
expires: Sat, 22 Jun 2024 19:01:48 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
969 B 136ms
71ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 624098
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23c-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f682c7e-FRA
expires: Thu, 25 Jul 2024 10:14:23 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 97ms
33ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 588444
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 20:00:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645d495c-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff2d2c7e-FRA
expires: Wed, 15 May 2024 15:01:11 GMT

GET
H2 200 layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 97ms
34ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.c16df073a4f45c16eb2b8a91ceb7b785.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1244025
cross-origin-resource-policy: cross-origin
last-modified: Wed, 26 Jul 2023 20:07:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64c17cf0-26681"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff2e2c7e-FRA
expires: Wed, 31 Jul 2024 19:01:29 GMT

GET
H2 200 theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 101ms
37ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 566785
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:05:00 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8b0c-a506"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff372c7e-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 21 KB
4 KB 94ms
31ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:16:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa12-5327"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff302c7e-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 31 KB
3 KB 95ms
32ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 180059
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413709f-7b02"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff332c7e-FRA
expires: Thu, 21 Mar 2024 07:34:33 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 960 B
521 B 113ms
50ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 602093
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137098-3c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff322c7e-FRA
expires: Thu, 21 Mar 2024 06:59:11 GMT

GET
H2 200 flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 1 KB
778 B 93ms
30ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 180059
cross-origin-resource-policy: cross-origin
last-modified: Fri, 21 Apr 2023 12:44:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6442852c-4a6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6eff312c7e-FRA
expires: Fri, 10 May 2024 02:43:59 GMT

GET
H2 200 access.js Show response
www.telegraphherald.com/shared-content/art/tncms/api/ 87 KB
35 KB 188ms
186ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 14:49:50 GMT
x-vcache: HIT
age: 293
etag: W/"64f8918e-15cd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35387
service-worker-allowed: /

GET
H2 200 bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 26 KB
8 KB 115ms
52ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Thu, 23 Feb 2023 14:47:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63f77c7a-6931"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f642c7e-FRA
expires: Mon, 26 Feb 2024 07:53:36 GMT

GET
H2 200 jquery.mask.84bef41f682a27dac3fd6e812c06365d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 3 KB
1 KB 133ms
71ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194726
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:47 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e4607-c0b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f632c7e-FRA
expires: Sat, 25 May 2024 08:06:02 GMT

GET
H2 200 tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 10 KB
2 KB 133ms
71ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194726
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f662c7e-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 925 B
420 B 115ms
53ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 232550
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 18:36:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6467c1ba-39d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f5f2c7e-FRA
expires: Thu, 23 May 2024 11:08:54 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 533 B
465 B 62ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 157217
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23c-215"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa1f2c7e-FRA
expires: Thu, 25 Jul 2024 10:08:09 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
782 B 73ms
59ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 306018
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Feb 2023 20:57:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63ee98d2-5bb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa222c7e-FRA
expires: Thu, 22 Feb 2024 12:05:29 GMT

GET
H2 200 tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
843 B 63ms
50ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 731458
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246871-6d3"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa232c7e-FRA
expires: Tue, 02 Apr 2024 18:17:29 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/townnews/ 48 KB
19 KB 132ms
35ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/op.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: XA6dViIncsajw.9xT0BwO90kJFc7NvVx
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:07:02 GMT
x-amz-cf-pop: MXP63-P4
age: 2532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19170
x-amz-meta-git_commit: e09f10f
last-modified: Wed, 13 Sep 2023 15:33:43 GMT
server: AmazonS3
etag: "f6b54ac76ca5c2f94afd76e0d00f9e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: JvNpnJwlBiYpuWPdx9dDjocSEY5TGfiKOknzimVXDYU8sXZhkppu3Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 197ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d7b31298b1677591809a6dd1fc186edf3ea2215e5a715b50fb7a31017dba949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29352
x-xss-protection: 0
server: cafe
etag: 760 / 19615 / m202309120101 / config-hash: 4208450176701668025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:06 GMT

GET
H2 200 tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 4 KB
2 KB 79ms
66ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Apr 2023 14:41:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"643814a3-1151"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa242c7e-FRA
expires: Wed, 17 Apr 2024 20:53:25 GMT

GET
H2 200 tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 3 KB
1 KB 166ms
153ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:04:06 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8ad6-d35"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa252c7e-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
277 B 115ms
54ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4765357
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23e-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c6f1f622c7e-FRA
expires: Thu, 18 Jul 2024 20:42:52 GMT

GET
H2 200 tracking.js Show response
www.telegraphherald.com/shared-content/art/tncms/ 3 KB
1 KB 188ms
187ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:47:09 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 15:06:26 GMT
x-vcache: HIT
age: 116
etag: W/"64f9e6f2-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 52ms
39ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 39805
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725c70df0c18e6-FRA

GET
H2 200 fontawesome.b2419fcc3201a1f4e3293248c643da08.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
97 KB 80ms
68ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.b2419fcc3201a1f4e3293248c643da08.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 591662
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:03:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8acc-430b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa262c7e-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 116ms
28ms Script
text/javascript 13.32.99.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-22.fra60.r.cloudfront.net

Software

Resource Hash

cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:39:07 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 599
etag: W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: RTtYXOg96FsrClG2FGNjViyrkffu-Lhlg4VV0CnXdil1CQw-UBPY-Q==

GET
H2 200 tracker.js Show response
www.telegraphherald.com/shared-content/art/stats/common/ 9 KB
3 KB 188ms
187ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 14:02:33 GMT
x-vcache: HIT
age: 293
etag: W/"641b0a79-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 f4444c72-43dc-11eb-b69b-e72b84364643.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 17 KB
18 KB 169ms
157ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/f4444c72-43dc-11eb-b69b-e72b84364643.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=37309
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="f4444c72-43dc-11eb-b69b-e72b84364643.webp"
content-length: 17692
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Dec 2020 22:36:23 GMT
server: cloudflare
x-vcache: MISS
etag: "5fe12367-91bd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa272c7e-FRA
expires: Thu, 05 Sep 2024 19:25:38 GMT

GET
H2 200 9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 4 KB
4 KB 72ms
60ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 507810
cf-polished: qual=85, origFmt=jpeg, origSize=4605
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="9139213c-5b44-11eb-9746-8b8866e9f2ff.webp"
content-length: 3756
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Jan 2021 17:26:01 GMT
server: cloudflare
x-vcache: MISS
etag: "600867a9-11fd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa292c7e-FRA
expires: Thu, 15 Aug 2024 17:59:21 GMT

GET
H2 200 84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 8 KB
9 KB 166ms
154ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg?resize=750%2C63

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=10687
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="84062fc8-a3fe-11ed-9545-938ccd782e2c.webp"
content-length: 8512
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Feb 2023 20:08:25 GMT
server: cloudflare
x-vcache: MISS
etag: "a076aaa44296e3449d9be9ce9c5169e2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa2a2c7e-FRA
expires: Fri, 26 Jul 2024 06:26:15 GMT

GET
H/1.1 200
OK cancellations-js-data.cfm Show response
www.accessdubuque.com/TownNews/data/ 136 B
393 B 563ms
124ms Script
text/html 184.175.83.79
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.accessdubuque.com/TownNews/data/cancellations-js-data.cfm
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS: cf.thmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 179
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK turpin-logo-clean-200x51.png
www.accessdubuque.com/ 11 KB
11 KB 537ms
123ms Image
image/png 184.175.83.79
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.accessdubuque.com/turpin-logo-clean-200x51.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS: cf.thmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:06 GMT
Last-Modified: Fri, 21 Jan 2022 21:47:32 GMT
Server: Microsoft-IIS/10.0
ETag: "4d5aaf7e10fd81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11462

GET
H2 200 60f1e118a9d82.image.png
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/ 7 KB
7 KB 72ms
61ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/60f1e118a9d82.image.png

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 587489
cf-polished: origFmt=png, origSize=12536
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="60f1e118a9d82.webp"
content-length: 6884
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jul 2021 19:42:16 GMT
server: cloudflare
x-vcache: MISS
etag: "60f1e118-30f8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa2b2c7e-FRA
expires: Fri, 06 Sep 2024 05:38:27 GMT

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 177 KB
52 KB 498ms
118ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.secondstreetapp.com/Scripts/dist/optin.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Sep 2023 15:34:46 GMT
Server: Microsoft-IIS/10.0
ETag: "02f227ec5e4d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 106
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52552

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/
Redirect Chain

https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js

7 KB
3 KB

52ms
24ms

Script
application/javascript

108.138.17.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Server: 108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:47 GMT
x-amz-version-id: R.2AvLLqDMEiBlSkHE87hNbIdl1IN7Po
content-encoding: br
last-modified: Tue, 12 Sep 2023 00:30:31 GMT
server: AmazonS3
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"5cc2c452879a57020145e8cdc91535cf"
age: 20
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2_iDDS95ILQW-k7e31cZbqWNQ_OoBCnlKEphPOWAsZoNrdbgXRK77w==

Redirect headers

date: Fri, 15 Sep 2023 16:49:06 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: y2dsTbahHxQzWHmX6pX-kXGXvYbydR0lfJXMZhMOVuagjbaDOhG1Og==

GET
H2 200 64528a8d95831.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/ 17 KB
18 KB 73ms
62ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/64528a8d95831.image.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1289830
cf-polished: qual=85, origFmt=jpeg, origSize=29480
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64528a8d95831.webp"
content-length: 17840
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 May 2023 16:23:41 GMT
server: cloudflare
x-vcache: MISS
etag: "64528a8d-7328"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa2c2c7e-FRA
expires: Sat, 08 Jun 2024 17:41:20 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 163 KB
52 KB 121ms
28ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: YWDJFC07RCWWYXGA
etag: "a9aebf0b520fad8d9f454f7e1ed59efd"
x-amz-server-side-encryption: AES256
x-hw: 1694796546.cds286.fr8.hn,1694796546.cds055.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 52533
x-amz-id-2: XZBxZQH2glWsNkpwYeNER40pm0+Mb38Sv3Zphhek6dsKDKILw0nPiEXp9Km3y8CkQbJ0WneoielISnOouItyrA==

GET
H2 200 2765012a-43ae-11eb-b69b-9b615e72b007.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 10 KB
10 KB 436ms
425ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/2765012a-43ae-11eb-b69b-9b615e72b007.jpg?resize=540%2C187

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=14995
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="2765012a-43ae-11eb-b69b-9b615e72b007.webp"
content-length: 10340
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Dec 2020 17:01:22 GMT
server: cloudflare
x-vcache: MISS
etag: "5ba692d20d23ce7a861173f51ffd3891"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c70fa2d2c7e-FRA
expires: Fri, 13 Sep 2024 18:37:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
77 KB 171ms
81ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

426113221b8ffe09c48f255a2be770815d1f6d4256ff677eff1c1de5009f0488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79028
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:06 GMT

GET
H2 200 62f59fd0-d7e3-438f-9ad5-b01d90539a49.json Show response
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ 5 KB
2 KB 92ms
46ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/62f59fd0-d7e3-438f-9ad5-b01d90539a49.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 38475
content-md5: rOfib6L6hvufFQlsTgH36Q==
content-length: 1707
x-ms-lease-status: unlocked
last-modified: Mon, 26 Sep 2022 04:01:06 GMT
server: cloudflare
etag: 0x8DA9F73BCE27AFD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0eb5f026-e01e-0171-61e1-5aec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c6fd9e8694c-FRA
expires: Sat, 16 Sep 2023 16:49:06 GMT

GET
H2 200 tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 8 KB
2 KB 49ms
31ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101888
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-1e2a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9da2c7e-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
880 B 50ms
32ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 326617
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137058-832"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9dd2c7e-FRA
expires: Wed, 27 Mar 2024 12:51:14 GMT

GET
H2 200 tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 3 KB
1 KB 62ms
44ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-a12"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9de2c7e-FRA
expires: Wed, 14 Aug 2024 19:01:34 GMT

GET
H2 200 tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 27 KB
7 KB 54ms
35ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-6c5a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e02c7e-FRA
expires: Wed, 14 Aug 2024 19:01:34 GMT

GET
H2 200 tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 12 KB
4 KB 53ms
35ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2e05"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e32c7e-FRA
expires: Wed, 07 Aug 2024 19:01:42 GMT

GET
H2 200 jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 20 KB
7 KB 54ms
36ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 326616
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246880-512b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e42c7e-FRA
expires: Wed, 03 Apr 2024 07:50:54 GMT

GET
H2 200 additional-methods.54cac72c4ecc4fe6191818374fa8d218.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 15 KB
4 KB 52ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 326616
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23c-3ab0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e52c7e-FRA
expires: Thu, 25 Jul 2024 10:14:23 GMT

GET
H2 200 jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 7 KB
2 KB 56ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 221109
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 04:31:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645c6fb0-1ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e72c7e-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 3 KB
773 B 51ms
33ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e82c7e-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 4 KB
946 B 142ms
127ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-f6a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9e92c7e-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 52ms
37ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e45f5-9bc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70d9eb2c7e-FRA
expires: Thu, 23 May 2024 18:01:33 GMT

GET
H2 200 tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 64ms
49ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 326616
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137057-9cd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa0e2c7e-FRA
expires: Thu, 21 Mar 2024 07:02:40 GMT

GET
H2 200 tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
715 B 75ms
60ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:01 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246879-638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa0f2c7e-FRA
expires: Tue, 02 Apr 2024 19:18:33 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
488 B 63ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137050-3ad"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa122c7e-FRA
expires: Thu, 21 Mar 2024 07:18:52 GMT

GET
H2 200 tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 13 KB
5 KB 73ms
59ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 592080
cross-origin-resource-policy: cross-origin
last-modified: Tue, 22 Aug 2023 13:23:07 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64e4b6bb-34c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa132c7e-FRA
expires: Wed, 28 Aug 2024 19:01:27 GMT

GET
H2 200 withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 2 KB
1 KB 65ms
50ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 13:09:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64959993-9c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa152c7e-FRA
expires: Sat, 22 Jun 2024 15:29:47 GMT

GET
H2 200 jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
460 B 81ms
67ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Jun 2023 20:55:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"649363d9-591"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa182c7e-FRA
expires: Sat, 22 Jun 2024 09:17:07 GMT

GET
H2 200 jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 976 B
546 B 81ms
66ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101888
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137064-3d0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa1a2c7e-FRA
expires: Thu, 21 Mar 2024 07:18:52 GMT

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
1 KB 63ms
49ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 101889
cross-origin-resource-policy: cross-origin
last-modified: Tue, 22 Aug 2023 13:23:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64e4b6b9-1010"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa1c2c7e-FRA
expires: Tue, 10 Sep 2024 12:42:49 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 75ms
61ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 194725
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137051-1015"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c70fa1d2c7e-FRA
expires: Wed, 27 Mar 2024 10:56:12 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ 81 KB
31 KB 49ms
39ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835943
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ucjdzvmf9N4miduIa6ENvLDFnb84IgAoLK-i8yhUbmwLAKBIYsNQkw==

GET
H2 200 bl-ef0aa10-eb644f7f.js Show response
tagan.adlightning.com/townnews/ 73 KB
30 KB 58ms
47ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-ef0aa10-eb644f7f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:37:40 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: URKQx7fx6_jf5ilRKQVENDhziRpFv7ub
x-amz-cf-pop: MXP63-P4
age: 177087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30654
x-amz-meta-git_commit: ef0aa10
last-modified: Wed, 13 Sep 2023 15:33:03 GMT
server: AmazonS3
etag: "cf5585934ccd581e98fb184e006c7b11"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3VV76RnK9pbLFStCe2GNQAVH2sqvsqTG_xJpjcuUEUQY6PbP-ibo5w==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 140ms
28ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:59:34 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2973
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Ttn5Y7-05OSB8vSya8Psd9k2dgLsbIlZ09I7kwG65hiZmtcF9y-cSg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 88ms
43ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80725c70f93235ff-FRA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 118ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN54BPG

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bf00649d48931a37df34de72bd5f3fdeb35dd731cb30b0083bf356ad6b01050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48034
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
77 KB 78ms
63ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da779586ab94abb7d4cc76ee20bdee72681057173160798962835e2758746dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78962
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:06 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 125 KB
35 KB 123ms
58ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time: 3ms
date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 15 Sep 2023 07:54:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 9
accept-ranges: bytes
cf-ray: 80725c712e034dc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35338

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 70ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 16:49:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: Vx3m9FytFJg8t7diHHjRNweNDd47rz3KYWoCutLScpM3HWcNyiR92jFY9fstrj3DlVVaL+hwLQf/fA0pedC28g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracker.gif
www.telegraphherald.com/shared-content/art/stats/common/ 0
145 B 103ms
103ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegraphherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1694796546688160012001350298553388&tnms_dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&tnms_upage=1&tnms_do=www.telegraphherald.com&tnms_uri=/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tnms_ref=&rt=1694796546692
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 95ms
42ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 80725c71bd98bb53-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/ 376 KB
90 KB 34ms
34ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 229oLfugqvtMNLM3e0uPaA==
age: 45357
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 91423
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:30 GMT
server: cloudflare
etag: 0x8DAAB422B1E6529
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9d360d5a-501e-00e4-32e1-5acbec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c71682418e6-FRA

GET
H2 200 5cd2f43a3f59c700126bad43.js Show response
buttons-config.sharethis.com/js/ 461 B
904 B 101ms
25ms Script
text/javascript 2600:9000:20eb:e00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5cd2f43a3f59c700126bad43.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C1
age: 42
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 461
last-modified: Wed, 08 May 2019 19:40:11 GMT
server: AmazonS3
etag: "4d059be5eef50cc04a77381344839252"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
x-amz-cf-id: 7egOn_42_g-xxCmerPguwjOMHHsWLvvnhyyHftZV5H_AiBkej5bwFQ==

GET
H2 200 e42ec5cd-11f7-4d8a-a91c-74054da9c4cb Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 82ms
23ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:21:22 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1665
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: 0h7OauUwo6QBF2FpVn3qFNUCgtNC0tVpwaLCTl4rrmZsIJopxvlpNw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 598 B
959 B 28ms
27ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:12:10 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 9416
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 598
x-amz-cf-id: 7slHmhTR782rCX6_rYuVuGzKNTOa3lfOArVcrbr9u_9GRWQs1Mhm2g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 75ms
27ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 05:33:42 GMT
x-amz-cf-pop: FRA2-C1
age: 40526
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6102XWKNsga2q_52b3oR8zDSOk07H1CYJaVGSAo4eQGVnM9siwG3PA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 408 KB
129 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20747
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131633
x-xss-protection: 0
server: cafe
etag: 12671944107613252425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Sep 2024 11:03:20 GMT

GET
H2 200 1329857520488846 Show response
connect.facebook.net/signals/config/ 489 KB
134 KB 99ms
99ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1329857520488846?v=2.9.127&r=stable&domain=www.telegraphherald.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 16:49:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Nd00/A2Auv/sGYwSieVdVACkmar7JG4qUrWIDFfYZNvURJHx1tBfadnvr+2VMl0vYM6j1SBq71fEM1L3np2y8g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
859 B 133ms
28ms XHR
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

GET
H2 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 6 KB
3 KB 164ms
164ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=754
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 104
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Sep 2023 09:50:56 GMT
server: cloudflare
etag: W/"e6ad3179582ae74d56c8c6309f582ea6"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 80725c7338c84dc4-FRA
x-amz-cf-id: m0le4wzIXnGzw02RD-IhNgREvNjcU3EjnLXpuCa-mn3MPIy0U4j6Ug==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
410 B 273ms
186ms XHR
text/plain 3.65.104.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=Federal%20officials%20seek%20public%20comment%20on%20a%20draft%20of%20an%20environmental%20assessment%20for%20a%20controversial%20power%20transmission%20line%20that%20will%20span%20from%20Dubuque%20County%20to%20Dane%20County%2C%20Wis.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.104.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-104-49.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.telegraphherald.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3564
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 17:49:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
63 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6509b47e7d2ae329dbfd211c5e0f6816b368cb30b00c8e93c502b32792d3f4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64822
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
69 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f6114de4e1f9c80ad04cc403b8472320d5604ac43816db5c1540a17101e93dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70235
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/ 54 KB
12 KB 62ms
61ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1089
content-md5: 7kDwGG0M5FVG2rnvsURDLg==
content-length: 11585
x-ms-lease-status: unlocked
last-modified: Mon, 26 Sep 2022 04:01:12 GMT
server: cloudflare
etag: 0x8DA9F73C02BF97B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5272b98b-001e-0030-21b8-a582cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c739ee3694c-FRA
expires: Sat, 16 Sep 2023 16:49:07 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 138 KB
30 KB 353ms
33ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: 5E7CQEKZSSWX59DS
age: 877
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80725c75b9f84d4a-FRA
x-amz-id-2: v20g43EBNP/IOPwa4UqQhI/SgOgQ63rC+vmBWfrpIwvsQizyC18NYwY9OZp5IvFm1WmavmhbBHk=

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
63 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6edd42686ddddc5cc5a5ad6e45305a1e0cf72a0c3e1790d59091ffb26070259e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64410
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 246ms
21ms Script
text/javascript 2600:9000:2250:6000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 15 Sep 2023 05:39:43 GMT
Via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 40165
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: wloSwjDnTIqIkydpa5lWl88eBogGinV1PxttfEO7aEOuBZs0bj9YXA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 258ms
34ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: VK2SRF16D02X5ZN2
age: 1896
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80725c75b9fa4d4a-FRA
x-amz-id-2: W86YinNW2dsuZPfS+ZTkYpgh0FatBDvKhVeIE0/ciWbe7u4JzKj0+uiv//jSw9oMSxGGGz5knYw=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 294ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Sep 2023 16:49:07 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 248ms
24ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:33:05 GMT
content-encoding: gzip
age: 1804562
x-guploader-uploadid: ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 24 Aug 2024 19:33:05 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 259ms
36ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f56bb5853eec36671c02a8390fb5c342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 252ms
29ms Script
text/javascript 18.239.18.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-118.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:44:08 GMT
content-encoding: gzip
via: 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 50700
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: a8Pt8iOctONEOn1SiNVGqciMkvcHsH8GYTtYPcLXyZClEfS3fKEq4A==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 251ms
28ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 29311
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dB7hlgpbUig09iu5ykPqn7V3Arl%2B2t9kBcGGQ9aQTxZGevZmRnWk5BGVuUIPI%2Bli8Q0Bj1c%2F8r6I8tyWvHgZyysADA6RhYvIStsaAvbzG%2BTjt0g294ePvJWzh1dzW6baIaDhDYftULnDRQmwUyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80725c75cdea30e4-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 256ms
33ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 87272
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80725c75bdf04522-TXL
expires: Mon, 18 Sep 2023 16:49:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 113ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1329857520488846&ev=PageView&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&rl=&if=false&ts=1694796547291&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694796547275.1033576860&cs_est=true&it=1694796547036&coo=false&rqm=GET

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 15 Sep 2023 16:49:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 105 KB
28 KB 94ms
29ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: bgcRC1HNK.5R9aS.uVrpg21.Xb0wYGHs
content-encoding: br
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:48:48 GMT
x-amz-cf-pop: FRA6-C1
age: 20
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Sep 2023 18:58:34 GMT
server: AmazonS3
etag: W/"5924d8466ba0f8d645875cd19b686661"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: nGxDfJ50cegrno222twZIXsxGzPoeGjP4ts3e4bTudF1l-BGqL2XFQ==

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 9 KB
3 KB 37ms
36ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Nv59uF4L5Erbm99maFPLHA==
age: 38474
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2612
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:22 GMT
server: cloudflare
etag: 0x8DAAB42260C012D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bd2ca943-401e-0087-4609-e2aae6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c7508dd694c-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/ 63 KB
14 KB 43ms
42ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrbBPvSp/nr/pc7Rs9pb+g==
age: 38474
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14053
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:23 GMT
server: cloudflare
etag: 0x8DAAB42272E5DAC
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5df370d7-501e-007f-7ce2-e1f618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c7508df694c-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 5 KB
2 KB 44ms
43ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: chhUbr1lo8VfhnCyj4C/QQ==
age: 38474
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:23 GMT
server: cloudflare
etag: 0x8DAAB4226B08D84
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 802faa02-f01e-016e-58e1-5a379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c7508e5694c-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 22 KB
5 KB 75ms
74ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f5573a8-001e-00d5-7de1-5a903b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725c7508e6694c-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
445 B 139ms
30ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b856c515e96f86e2f9ff5418c119f5e5c00831ea28c60235115f25fd991edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H3 200 764f46ed0012a3900512.js Show response
sdk.mrf.io/statics/ 45 KB
12 KB 45ms
44ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MUC50-P1
age: 1939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Sep 2023 09:50:56 GMT
server: cloudflare
etag: W/"ef3afb0961b22b67b10ea1548e874ec0"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 80725c754fb1bbd3-FRA
x-amz-cf-id: kFvwSpov-O3Xgd8hrO__xsepF4nya2jnomiflK93AosAZa1VK8yNlA==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ca99099e62044f90c611cc0afe309e4c21df12345d7b15aeefc3c2230352b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H/1.1 200
OK 2466856 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
2 KB 510ms
120ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.secondstreetapp.com/audience_signup_widgets/2466856?callback=secondStreetOptinWidget_2466856

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:09 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Age: 55
X-Powered-By: ASP.NET
X-SS: 107
Connection: Keep-Alive
Content-Length: 1379
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|d1365cec-3782-466e-b803-b1b36e610d1c|C69601|CD66
Cache-Control: public, max-age=600
Accept-Ranges: bytes
Expires: Fri, 15 Sep 2023 16:58:13 GMT

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.23.0-A/ 667 KB
185 KB 55ms
24ms Script
application/javascript 108.138.17.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:46 GMT
x-amz-version-id: fXuli0NAL7F_NHrM7ls.O6svOuu_MIo_
content-encoding: br
last-modified: Tue, 12 Sep 2023 00:30:30 GMT
server: AmazonS3
age: 22
x-amz-cf-pop: FRA56-P7
etag: W/"9b84d321fff5c2136f52d2ca98b7456b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yQi-dgSTRALMWoan81OLSMgMRvG3TWbRP7b2l4CzUvGcSrzWbab_Uw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
374 B 97ms
29ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
332 B 89ms
26ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 / Show response
www.telegraphherald.com/tncms/access/rules/ 27 KB
4 KB 99ms
98ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/rules/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-TNCMS-Access-Version: 2023-09-05 20:22:45
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 08:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30082
content-length: 3549
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 08:27:45 GMT
x-vcache: HIT
etag: W/cfb60643afaea26fac4441565be53896
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.71.0; app11; 0.23s; 2.2M
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 / Show response
www.telegraphherald.com/tncms/search/recommend/ 52 KB
4 KB 99ms
98ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=grant-county-wis%2Ccassville-wis

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
content-length: 3791
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 16:48:25 GMT
x-vcache: HIT
etag: W/ab746f6b99620d64d7a6f91572bb0773
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app17; 0.23s; 3.3M
cache-control: public, max-age=600
accept-ranges: bytes
x-robots-tag: noarchive

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
340 B 159ms
53ms XHR
application/json 18.203.57.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.57.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-57-57.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5126ccf3097527765bf8adc3d53a9e9647b57684a495143e00832df6d12ed8b5

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache
x-server: 10.45.23.70
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 30ms
29ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1329802374&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCACAAI~&jid=181945815&gjid=997523444&cid=288697255.1694796548&tid=UA-54716522-7&_gid=488461565.1694796548&_slc=1&gtm=45He39d0n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&cm1=358&z=1489847332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 96ms
29ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=288697255.1694796548&jid=181945815&gjid=997523444&_gid=488461565.1694796548&_u=YGBAgUABAAQCAGAAI~&z=1327555324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 29ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1329802374&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAUABAAQCAGAAIAB~&jid=164116475&gjid=1142709741&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&_r=1&_slc=1&gtm=45He39d0n71PDQV3N&z=1079800914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
410 B 85ms
22ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

f3a66a18e4acc069bf082e67acf97c03aa3184dc0ce37977fad64fa37bf04ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 92ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=1329802374&_gaz=1&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796547&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.canonical_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ep.content_type=article&ep.canonical_content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.content_group=%2Fnews&ep.townnews_crm_group_id=216&ep.generator=BLOX&ep.generator_version=1.71.0&ep.content_author_id=7c1716e6-b03f-11ec-b276-c312f26f2490&ep.content_author_eh=2ef1bfd93cef32b5a8ee3f22846ac721a2a5f2187b77c965c1e27e2dd4ad5bc2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 44ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=288697255.1694796548&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 111ms
61ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=288697255.1694796548&gtm=45je39d0&aip=1&z=652217545

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 35ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1KSYYTLTZT&gtm=45je39d0&_p=1329802374&_gaz=1&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796547&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.item_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.author=Telegraph%20Herald&ep.published_time=2023-09-13T06%3A00%3A00Z&ep.cms_product=BLOX&ep.cms_version=1.71.0&ep.content_group=%2Fnews&ep.content_type=article
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 30ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1KSYYTLTZT&cid=288697255.1694796548&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 62ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1KSYYTLTZT&cid=288697255.1694796548&gtm=45je39d0&aip=1&z=93699411

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 91ms
23ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=130639
accept-ranges: bytes
content-length: 68444
expires: Sun, 17 Sep 2023 05:06:26 GMT

GET
H2 200 / Show response
www.telegraphherald.com/tncms/search/mlt/ 12 KB
4 KB 106ms
106ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/search/mlt/?origin=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

0c84c498773a7bf8886f05dfe5f414e4b53fbd8aa2c448f5e26a4b83befdb232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
content-length: 3444
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Sep 2023 06:00:00 GMT
x-vcache: HIT
etag: W/66fd917e7bcba8de3634d4ba143f85a3
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app14; 0.05s; 3.1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 26ms
25ms XHR
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 telegraph-herald-horizontal-masthead.jpg
cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/ 43 KB
43 KB 33ms
32ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/telegraph-herald-horizontal-masthead.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9v2G71U22mhDtZ9aJ9vQDQ==
age: 31417
content-length: 43668
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 12 Aug 2022 19:22:29 GMT
server: cloudflare
etag: 0x8DA7C97FF5221F9
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 6fa687f4-d01e-00f5-2ff5-5afcf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725c780a2e18e6-FRA

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 38612
x-ms-lease-status: unlocked
last-modified: Thu, 14 Sep 2023 03:20:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 393cacc6-f01e-002b-0d56-e7b94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725c780a3118e6-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 112ms
43ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 15 Sep 2023 16:49:07 GMT

GET
H2 200 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 33 KB
12 KB 133ms
61ms Script
text/javascript 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 15 Sep 2023 16:45:35 GMT
server: cloudflare
age: 9
etag: W/"9048a3-856b-6056885921f84"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 80725c78e9fe58f6-TXL
expires: Fri, 15 Sep 2023 20:49:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 93ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 94ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:49:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
4 KB 86ms
39ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2065196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3982
last-modified: Thu, 22 Jun 2023 11:13:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ce5-f8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDH0AjGP30ROexfCM%2Bw6CsiZjD0UTKCEp%2Bc9DWcSO3U65726EntE3RZgMyzdf8XGEyEvau3%2FdWPTitg40lfxEwGMqmSjEKq1eHAxgHWnVNBDvg3P3ydEJFfTOJpz9jyN1W45rM0xYZJJrP9QUzgM5AIs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80725c790fb79232-FRA
expires: Wed, 04 Sep 2024 16:49:08 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame AA41 53 KB
21 KB 69ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21248621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BsIMgYoBA2G0zeyusEm25SUZwg5qLXPZca%2BHku8qmDheSpetUoZdYTMON1vUdV%2FqCqLXQRK2F%2FHXZiWt4rGrKAvRhvSTp07udLR5Pf7JdUZ412nmghUkOnIM21RBWfGPm7GGWWC%2BytfH%2BJxotDJ83E9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80725c790fb89232-FRA
expires: Wed, 04 Sep 2024 16:49:08 GMT

GET
H3 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.5.0/ Frame AA41 356 KB
113 KB 22ms
22ms Script
application/javascript 108.138.17.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: uMY2CXxBwlQN5uztKTa9X5zGVYToi.n.
content-encoding: gzip
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 05:50:45 GMT
last-modified: Tue, 25 Jul 2023 22:19:16 GMT
server: AmazonS3
age: 39503
x-amz-cf-pop: FRA56-P7
etag: W/"1d52ceae543e767ce76cb49d8c52ac94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9jUFirdjIBPpO1KHq85LFJSroQo6Kk3MYIqh0ec5oIHtamtLNt-gyg==

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame AA41 335 KB
55 KB 24ms
24ms Script
application/javascript 108.138.17.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: br
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 09:56:20 GMT
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
age: 24768
x-amz-cf-pop: FRA56-P7
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KZpRHKDTmSW7_j_9t_OTooUj0IWg6p4Wj31_h9H6Z3dPZ_3lRRX_2g==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 357 KB
123 KB 96ms
32ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125468
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 117ms
33ms Image
image/png 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 10:48:57 GMT
via: 1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C3
age: 21611
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: FZIq8wbLfodKyQX6GjSN00vTd4hdO8kPuNSLuP-bdF5xLolYzIhALA==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
655 B 117ms
33ms Image
image/png 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:04:05 GMT
via: 1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C3
age: 6304
etag: "311cf2edc46e82f2a6911332b7db54e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: P_XmlloGvXnP_KlIHQO_RBCVBm7i6Ja3ELmc0NgAQbDWglEthJNadg==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 118ms
34ms Image
image/png 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 20:37:01 GMT
via: 1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C3
age: 72728
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: G-izVfnel7KpVMfA1la86OrsbNHBkJpX59vjvjbzXuDgOxPFQ20Lhw==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 118ms
34ms Image
image/png 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:15:48 GMT
via: 1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C3
age: 27201
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: wwEBlAf7WEFI3JdUM4HjQocj8rXg-dkjpgoIy71NmIDiZrjZpW5A_w==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame AA41 249 KB
61 KB 24ms
24ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:59:34 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2974
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 6eM-e_02a8MM60LSVif1voY9qyDTbnfmJZ3bpJrk2y-IUxpSmUtl7g==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 360ms
117ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=857196&version=7.23.0-A&age=230915&cmd=PRE_INIT&key=dtKKcuXb&seq=1&order=1&vIndex=0&absoluteTime=2084.2&relativeTime=0.3&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 34 KB
6 KB 228ms
228ms Fetch
text/html 108.138.17.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=OUuBIMfN8VCDtB3X&instance=857196&version=7.23.0-A&age=230915&ESG_key=dtKKcuXb&type=FULL&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.17.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-85.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6b1e0c4d01987438c823ddada5028966cbb63bdbd65e1558304a9eb985c96136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 5707
x-amz-cf-id: pmFkR4TXQRAwUfztFifadakf98Wc7vWZFtmWYBUrwJ6-lXE1EwOssQ==
expires: Fri, 15 Sep 2023 16:49:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bfbb6172286a6ab9314504a55dcd79217e35cc1c7319615a8995577af4c8a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96926
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 / Show response
www.telegraphherald.com/tncms/access/user/ 736 B
993 B 127ms
126ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/user/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TNCMS-Access-User: anonymous
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 395
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.71.0; app18; 0.02s; 1M
cache-control: private, max-age=3600, must-revalidate
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ 276 B
844 B 70ms
25ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

685b6cce93fd4204c04645ec0077e93ba23660ebdb0cef27172ad9eee5664201

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 16:49:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 64f8e299a8a86.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/ 11 KB
12 KB 142ms
141ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/64f8e299a8a86.image.jpg?resize=200%2C305

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c57a5c8635e32219c8cffb12844c6b620b036730aa16a900e4d340ed7aa43cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=11774
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64f8e299a8a86.webp"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Sep 2023 20:35:39 GMT
server: cloudflare
x-vcache: MISS
etag: "afc548d494d50bac9b637743539620d7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725c79be282c7e-FRA
expires: Sat, 14 Sep 2024 06:07:03 GMT

GET
H2 200 64f78a5fe1599.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/ 7 KB
8 KB 131ms
131ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/64f78a5fe1599.image.jpg?resize=200%2C217

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c2d938226572319f1888ae1b0be2bad23d9dce1431180fcb5bf3f542fa4db56

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=7611, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 7518
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Sep 2023 20:06:57 GMT
server: cloudflare
x-vcache: MISS
etag: "ff5ae13df472b50ca603155dafb36bd1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c79be2a2c7e-FRA
expires: Wed, 04 Sep 2024 23:45:53 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 3 KB
1 KB 70ms
22ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: UnK3Jzx82VjmkmXiPXCq1ZNpqTk7dOLW
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 14:40:02 GMT
x-amz-cf-pop: FRA6-C1
age: 7747
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 29 Aug 2023 20:45:09 GMT
server: AmazonS3
etag: W/"bce4f760852ffc7e53a6ecc84f0a6d9b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: gQWvF9EZjSqrTq860AA3H9-BrxOPiYj2NJY0LrSsY17YYQQmsaVagg==

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 4EF7 0
78 B 22ms
21ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.telegraphherald.com
Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.telegraphherald.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:49:08 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 81ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:18:21 GMT
x-content-type-options: nosniff
age: 81047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:18:21 GMT

GET
H2 200 64f8e299a8a86.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/ 3 KB
4 KB 131ms
130ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/3/d9/3d97e5c6-f555-55df-ac67-dfb20109ff8b/64f8e299a8a86.image.jpg?crop=332%2C189%2C0%2C159&resize=150%2C85&order=crop%2Cresize

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30047215b0ae630d9b377ce7ed9c1568233256fc6d7c3dcc729d0de52a445af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=4133
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64f8e299a8a86.webp"
content-length: 3578
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Sep 2023 20:35:39 GMT
server: cloudflare
x-vcache: MISS
etag: "7d7e567bc435a7552aaca86ec91f11ee"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c7a4eda2c7e-FRA
expires: Sat, 14 Sep 2024 16:48:58 GMT

GET
H2 200 64f78a5fe1599.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/ 4 KB
4 KB 140ms
140ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/c/34/c34ec588-4c27-11ee-a9a5-c7be81bce776/64f78a5fe1599.image.jpg?crop=999%2C564%2C0%2C259&resize=200%2C113&order=crop%2Cresize

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516aac25ecedde23191fb756dc1175e4d43ff19efa51f4fd474bce6e560bee59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=4174
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64f78a5fe1599.webp"
content-length: 3698
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Sep 2023 20:06:57 GMT
server: cloudflare
x-vcache: MISS
etag: "30c96f1c0c495d7568847d22c6e098eb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725c7a4edc2c7e-FRA
expires: Sat, 14 Sep 2024 02:00:33 GMT

POST
H2 200 / Show response
www.telegraphherald.com/tncms/access/meter/ 419 B
790 B 119ms
118ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/meter/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

0e48f0d912bb3db0ba23630fc04fe4c07393b4efe3227b49dc1314a661b0287c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 259
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app18; 0.01s; 0.9M
cache-control: private, no-cache, no-store, max-age=0
vary: X-IPCountry, Accept-Encoding
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 css
fonts.googleapis.com/ Frame 1526 2 KB
542 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:35:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 54 B
320 B 173ms
47ms Fetch
application/json 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=273646&us_privacy=1YYN

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-108-134.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 54

GET
H2 204 sync
trends.revcontent.com/ 0
0 171ms
46ms Fetch 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync?us_privacy=1YYN
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:08 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 23ms
23ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id: _H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding: br
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5757332
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 00:08:20 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: _eIXmiQ4do4WcS4yzs5sSYMQvC-uJMMOe3e3Gw-TjCvRa76VUGCqiw==

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/ 209 KB
65 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65996
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 20:30:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Sep 2024 16:45:35 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
173 B 383ms
135ms XHR
application/json 3.216.232.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.telegraphherald.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.232.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-232-229.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:08 GMT
access-control-allow-credentials: true
server: nginx/1.24.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
357 B 107ms
38ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
396 B 158ms
47ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: f6834d2fcad7f7350612d2ab661502632e8cec741537b94ee67812c7298ec675

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 15 Oct 2023 16:49:08 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AA41 6 KB
3 KB 33ms
33ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 05:33:42 GMT
x-amz-cf-pop: FRA2-C1
age: 40527
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ARUHNxolwWpkGOpNyhmf8prjV3PwNhdKM3so27Dwv38tcq0N_l-qjg==

GET
H2 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 174A 722 KB
232 KB 25ms
24ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 120836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:15:12 GMT
expires: Fri, 13 Sep 2024 07:15:12 GMT
last-modified: Tue, 12 Sep 2023 02:58:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 88ms
35ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9FB7 40 KB
14 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 15 Sep 2023 17:22:16 GMT

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame AA41 537 B
801 B 21ms
20ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:37:05 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 723
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: G1jvgLCkl1aw8e2_to6y8azYYckCnT2vy8JSc17NEzBopiTFtFTMuA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame AA41 1 KB
1 KB 27ms
26ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:45:40 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 3807
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1110
x-amz-cf-id: xjrBWD009b1kPCYR2676YmYOEL02dNof-bHTiaHyUSF6TcKjOn4NVA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 114ms
113ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=GET&key=dtKKcuXb&c_id=13403&seq=1&order=2&vIndex=0&absoluteTime=2572.7&relativeTime=488.8&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ 5 KB
2 KB 99ms
20ms Script
application/javascript 13.225.78.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02

Request headers

Referer: https://embed.sendtonews.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: UQ7kWi2taw0bordMiyKDP_I_ByXqD8Mm
content-encoding: br
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront), 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 03:43:36 GMT
x-amz-cf-pop: FRA56-P7, FRA2-C2
age: 47137
x-cache: Hit from cloudfront
last-modified: Thu, 07 Sep 2023 23:03:22 GMT
server: AmazonS3
etag: W/"25b745fa0d93d47bf009a28d8bcdf8d6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: aoYxL-VqZIHWtGDlnJ2klo-OdbO1oVSpmnGmh8nbjz0xYKGRHzn7AA==

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 283948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 09:56:40 GMT

GET
H2 200 cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 28 KB
28 KB 94ms
31ms Image
image/jpeg 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28378
last-modified: Fri, 15 Sep 2023 04:50:05 GMT
server: AmazonS3
etag: "1be2c645ae824059733921f72445310a"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: bIiI8bd5Aq4NO5ysg7-sHgrV9p21Md3FhPSlnogfvlegfJQUCz9bxw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 114ms
114ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=RTP&key=dtKKcuXb&c_id=13403&seq=1&order=3&vIndex=0&absoluteTime=2595.7&relativeTime=511.8&sC_ID=4711&sm_id=3000503&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&DS=found
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
871 B 75ms
31ms XHR
application/x-mpegurl 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Fri, 15 Sep 2023 04:51:24 GMT
server: AmazonS3
etag: "7efdd61158e4e6c637db35b61a6eface"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: MzqIQe-T_mNkXzwV_KJ9LnogyFd5aHBe68xM_SKPyxvQt--rww1x5A==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 114ms
113ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=IMA&key=dtKKcuXb&c_id=13403&seq=1&order=4&vIndex=0&absoluteTime=2614.7&relativeTime=530.8&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&recoveryMethod=NONE&imaVersion=3.589.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 2 KB
2 KB 132ms
55ms Fetch
text/xml 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C55274853%2Ftelegraphherald-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=3000503&us_privacy=1YYN&cust_params=sessionKey%3D214857196-OUuBIMfN8VCDtB3X%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dsmall%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D2%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3D1YYN%26keywchk%3Dok

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8df152316fe36d7897ebcd8b3e5d7930811c1907a80342cab545bb68bd023923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1024
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ospro135q92r5ns5o7n8s680582q8074base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 694 B
1 KB 32ms
32ms TextTrack
text/vtt 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ospro135q92r5ns5o7n8s680582q8074base.en.vtt
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 694
last-modified: Fri, 15 Sep 2023 04:52:23 GMT
server: AmazonS3
etag: "7d32e8fcc30cb98840564a94dbbb840b"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: 7W9lJIylcdCpd5CwSgLQ8c3Y7v9_ajLvZVfhmCszPiSqKqdGHTi37Q==

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 324 B
902 B 31ms
30ms XHR
application/x-mpegurl 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:48 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 324
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "e0caac5bdf0e177c69940dfe9e392727"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: JXVyRes1y3-pDeImkIqjOIEILb35zQooiVxVxdkS9Mxk7baW_dNqmA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame AA41 54 KB
17 KB 163ms
59ms Script
application/javascript 104.77.32.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.32.87 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-32-87.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 15 Sep 2023 17:04:08 GMT

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ Frame AA41 24 KB
8 KB 33ms
33ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:36 GMT
server: cloudflare
age: 87272
etag: W/"64cd45ac-60bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80725c7d4c904522-TXL
expires: Mon, 18 Sep 2023 16:49:08 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 23ms
22ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 14056712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: dN6ojHaaELzt9ibniVbv33auwZGWtBAofZJWqfd3wB1p48_C9ZVeoQ==

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 27 KB
15 KB 112ms
112ms Fetch
application/json 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=273646&width=1600&us_privacy=1YYN&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&icr_url=&va=0&time=1694796548697&up=pc&bn=chrome&bv=117&widget_width=1306&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-108-134.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

1f5ea6a05d7b542f9e8517ee2ac65ab31e97a46aac3205aab1950acb713527bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 417 KB
419 KB 35ms
35ms XHR
video/mp2t 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:49 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 427512
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "e618e031f607c5e5223ac92eac7e0b19"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Qm8GQ9b7rs_1S5efOQXi2XLdhW2PlnBm90ncXiWJ3asP60xs_p6bxA==

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 25ms
25ms XHR
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 rfv.php Show response
compassdata.mrf.io/ 27 B
479 B 101ms
28ms XHR
application/json 162.55.144.217
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://compassdata.mrf.io/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.144.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQBcam6o7KjT1DvdA

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 111ms
29ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.telegraphherald.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 15 Sep 2023 16:49:08 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame AA41 184 B
481 B 158ms
26ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 58c232050c86885f1e4b27d778b2b66dfafaabe31212da2f01fd2b1fa00b28b5

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.129.0
Content-Type: application/json
access-control-allow-origin: https://www.telegraphherald.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ Frame AA41 0
525 B 191ms
122ms XHR
text/plain 13.32.121.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3590&domain=telegraphherald.com&ccpa=1YYN
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-35.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:08 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.telegraphherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-amz-cf-id: _QS3pyoJKIay7_e983U9eGAXY-zCJYJe-af9IgeyxfIQizDnjNMTAg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame AA41 138 B
710 B 89ms
29ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c5d5c4a03ef7b700744c0731c75469e307490817ae7a1f6f0c93b1fec08377e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:08 GMT
an-x-request-uuid: cb93414f-df34-40ac-a3f1-76df4a12e209
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame AA41 0
171 B 108ms
37ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.telegraphherald.com
pragma: no-cache
date: Fri, 15 Sep 2023 16:49:08 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame AA41 36 B
558 B 181ms
116ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71019477e8e8312ac2b5e5558fafb61f28dd238a278eb400c98d03278783ac6

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpHISnzqaVInSDy0tuAxCWhRV%2B0ZLBLCSHLiwFnNyVn9WXpWK73%2BYtknW5DDI3pQ8S6Nk5u0%2FPfLRpVbVS0TsXdTSMHB%2FXTj%2FKtrTyCRPx7fnuoXLW0f9Jc%2Bz3OGw8H1VHEVed7k"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80725c7e6f6c44fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame AA41 19 B
549 B 169ms
98ms XHR
application/json 52.58.45.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tmax=3000&us_privacy=1YYN

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.45.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-45-126.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:08 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame AA41 0
119 B 132ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame AA41 23 B
469 B 134ms
62ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: XD20390XTF2X1PG6CJCN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tSrsNP5WRX889w80whnWDF3N6wYzMyy-patjrEBQ87Wc4Wp5wVHW_Q==

GET envelope
lexicon.33across.com/v1/ Frame AA41 0
0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
788 B 87ms
86ms Ping
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 / Show response
www.telegraphherald.com/tncms/dmp/segment_audiences/ 80 B
525 B 417ms
417ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=d211a82a-067a-492c-a945-c9ddc970d327

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature: geoip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 85
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 16:49:08 GMT
x-vcache: MISS
etag: W/de410bf82e3d4a75bb273aecdd45e609
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app19; 0.31s; 1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 / Show response
www.telegraphherald.com/tncms/dmp/segment_audiences/ 80 B
524 B 418ms
417ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=d211a82a-067a-492c-a945-c9ddc970d327

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature: geoip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 85
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 16:49:08 GMT
x-vcache: HIT
etag: W/de410bf82e3d4a75bb273aecdd45e609
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app19; 0.31s; 1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 154ms
50ms Fetch 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-108-134.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:49:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
694 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:43:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:49:08 GMT

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
8 KB 28ms
26ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: NR9QQ56BZRE4KFFF
etag: "36936ca54bdfacb78b91268c99a7c8a0"
x-amz-server-side-encryption: AES256
x-hw: 1694796548.cds286.fr8.hn,1694796548.cds154.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 8353
x-amz-id-2: F8ffZmVhCqX6VOdQlv3/TZEMt5taaCRmOTQ3l2AkhDUVYbv9sT22K9YEqD6iSZWaDMyjkPIZY+c=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
7 KB 30ms
28ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: 2077NNB2F05VMEKB
etag: "ac82eecb05f5ff2b22ce8c6902242989"
x-amz-server-side-encryption: AES256
x-hw: 1694796548.cds286.fr8.hn,1694796548.cds280.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6452
x-amz-id-2: KoKQxIPhPPpK4vceSziDKF9rYizwveprgVkAGpIE2RkemayvhpbZ7zZuPgXn/FQddlIkNCZuW+Y=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 32ms
30ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:36 GMT
server: AmazonS3
x-amz-request-id: W6BGS8T1VXWQKF9R
etag: "7916ca1cce66f75b7ad11bb917bc1cfb"
x-amz-server-side-encryption: AES256
x-hw: 1694796548.cds286.fr8.hn,1694796548.cds204.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1666
x-amz-id-2: 3B0VP+i3o+944LdwuiLdeLgX9xxlhnyTY6NDjXgZdCqepAwVttbzz8TNGxhLjCe8znNtErJqbkM=

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 88ms
22ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1694796548.cds334.fr8.hn,1694796548.cds272.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 77ms
27ms Fetch
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:08 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
180 B 588ms
193ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3565
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 17:49:43 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1329802374&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&_u=aGDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&gtm=45He39d0n81KJWBF3J&z=487315241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 18:33:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80162
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 2 KB
2 KB 84ms
25ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
etag: "1685634237"
x-hw: 1694796549.cds320.fr8.hn,1694796549.cds337.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7
accept-ranges: bytes
content-length: 2091

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 120ms
120ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=BIDS&key=dtKKcuXb&c_id=13403&seq=1&order=5&vIndex=0&absoluteTime=3121.3&relativeTime=1037.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4711&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=185.2&prebid.bidders.undertone.time=223.1&prebid.bidders.appnexus.time=143.2&prebid.bidders.unruly.time=232&prebid.bidders.ix.time=216&prebid.bidders.triplelift.time=210.6&prebid.bidders.pubmatic.time=163.1&prebid.start=2876.8&prebid.time=243.6&prebid.timeout=3000&adIndex=-1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 326 B
903 B 31ms
31ms XHR
application/x-mpegurl 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:50 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 326
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "dacaae32767109092a002ecaffbfcb25"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: oUpc7qd993eprynaUs0AmkrZ5fffz5btRNdQGvkWBDtHVPKAp1nMDQ==

GET
H2 200 64f9a5bb888212-37359274.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 21 KB
22 KB 100ms
30ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/64f9a5bb888212-37359274.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-fastly;mitm=po;dur=357;cpu=0;start=2023-09-07T12:23:44.357Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,owidth=1000,oheight=600,obytes=1425416",cloudinary;dur=256;start=2023-09-07T12:23:44.411Z,cld-id;desc=1f488e604c264b9b64cfdce2349bbed6
content-length: 21668
x-request-id: 1f488e604c264b9b64cfdce2349bbed6
last-modified: Thu, 07 Sep 2023 12:23:38 GMT
server: Cloudinary
etag: "bf2c86c633d37454e6b075514d4799e2"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds219.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5c96ca4a23d4b6ac9d3ed86aed32085a.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
18 KB 97ms
30ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/5c96ca4a23d4b6ac9d3ed86aed32085a.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

98bd2a42c83491e583293867e9e89e789573302e9df065122643d8cef9d83116

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=490;start=2023-07-16T20:41:38.765Z;desc=miss,rtt;dur=1;cloudinary;dur=17;start=2023-07-16T20:41:39.098Z
content-length: 17667
last-modified: Sun, 16 Jul 2023 20:41:37 GMT
server: cloudflare
etag: "47be6e1fdf49e4a464e26cc6705de8f2"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds252.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7e7d11314a7a1e5a-FRA
timing-allow-origin: *

GET
H2 200 1d5be089949e2d65349836b0106b764c.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 116ms
52ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1d5be089949e2d65349836b0106b764c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

dbb6d7e8adfe681502d6023f30e242ed75cafca1ecd356ffffb4ac7de1b3d360

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=133;start=2023-09-04T04:22:25.053Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,owidth=600,oheight=400,obytes=471047;";cloudinary;dur=28;start=2023-09-04T04:22:25.113Z
content-length: 18054
last-modified: Mon, 04 Sep 2023 04:22:07 GMT
server: cloudflare
etag: "fabe4160f1be2a9a5dbc340cd2ebe902"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds203.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 801373868efc18ff-FRA
timing-allow-origin: *

GET
H2 200 6cb956d9f6145d45ea0264fdc8b1cb04.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 114ms
53ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6cb956d9f6145d45ea0264fdc8b1cb04.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

f1344d269f3c1728ddfd5278601c670241faaee7a16095228b5624cbadffc6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=1241;start=2023-09-13T08:45:23.560Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,bytes=17002,owidth=867,oheight=648,obytes=481927;";cloudinary;dur=1128;start=2023-09-13T08:45:23.618Z,cld-id;desc=2c31d566156dcb4e12bc2f90f2878f16
content-length: 17002
x-request-id: 2c31d566156dcb4e12bc2f90f2878f16
last-modified: Wed, 13 Sep 2023 08:45:25 GMT
server: cloudflare
etag: "79cc5a956d081d6d5e79e1b464786350"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds201.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 805f1d1e3e57690f-FRA
timing-allow-origin: *

GET
H2 200 c8162845e6860df4bb56954b5fec837b.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 124ms
65ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/c8162845e6860df4bb56954b5fec837b.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-fastly;mitm=po;dur=319;cpu=0;start=2023-09-13T08:45:42.263Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,bytes=18289,owidth=474,oheight=367,obytes=34799",cloudinary;dur=223;start=2023-09-13T08:45:42.314Z,cld-id;desc=6ccdfc62490b7edce01dd82a17aaea13
content-length: 18289
x-request-id: 6ccdfc62490b7edce01dd82a17aaea13
last-modified: Wed, 13 Sep 2023 08:45:33 GMT
server: Cloudinary
etag: "925cf6ff9b785264dbcc314f969e6e31"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds341.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 80f3a132b2a9502092a4625be5613017.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 20 KB
20 KB 127ms
71ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/80f3a132b2a9502092a4625be5613017.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-fastly;mitm=po;dur=346;cpu=0;start=2023-09-13T08:45:32.865Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,bytes=20407,owidth=1024,oheight=682,obytes=124365",cloudinary;dur=243;start=2023-09-13T08:45:32.918Z,cld-id;desc=920f241c80309bfa19ac989615e31bdb
content-length: 20407
x-request-id: 920f241c80309bfa19ac989615e31bdb
last-modified: Wed, 13 Sep 2023 08:45:33 GMT
server: Cloudinary
etag: "20ac84a6117b8893a0d43a611bcf70da"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds164.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9e95fb25a6941c30a7b49a5fb815b158.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
10 KB 55ms
54ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/9e95fb25a6941c30a7b49a5fb815b158.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=136;start=2023-09-13T08:46:20.618Z;desc=miss,rtt;dur=9,content-info;desc="width=420,height=315,bytes=9703,owidth=867,oheight=648,obytes=588644;";cloudinary;dur=20;start=2023-09-13T08:46:20.689Z
content-length: 9703
last-modified: Wed, 13 Sep 2023 08:45:48 GMT
server: cloudflare
etag: "40c0b74e883ad9355a5dca555a7af26e"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds259.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 805f1e82dfaeb357-PRG
timing-allow-origin: *

GET
H2 200 a5187246ad22103231a2a0d05336af91.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 62ms
61ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a5187246ad22103231a2a0d05336af91.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 15:39:27 GMT
server: Cloudinary
etag: "8bb9b05bf92b6d4db74c4a4145b182ef"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds251.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=493;cpu=0;start=2023-09-04T09:12:06.189Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,owidth=432,oheight=316,obytes=204462",cloudinary;dur=137;start=2023-09-04T09:12:06.500Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 15421

GET
H2 200 61bc300dd86842bf1fb68f400aa0f3ae.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 62ms
61ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/61bc300dd86842bf1fb68f400aa0f3ae.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 16 Jul 2023 17:11:02 GMT
server: Cloudinary
etag: "2d168921a26c01586b2ad02e06ddb28b"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds149.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=2;cpu=0;start=2023-07-16T17:12:44.295Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10435

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 174A 156 B
143 B 302ms
260ms XHR
text/xml 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Ftelegraphherald-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214857196-OUuBIMfN8VCDtB3X%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dlarge%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D0%26excl_cat%3Dstl_id00014%26rand%3D14%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3D1YYN%26keywchk%3Dok&url=https%3A%2F%2Fwww.telegraphherald.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1YYN&hl=en&cmsid=2631244&vconp=2&video_doc_id=3000503&vpa=auto&vpmute=1&cnc=55274853&kfa=0&tfcd=0&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=50AD20B1-832D-4BFE-967F-4164195D1AEE&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&top=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&loc=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dlt=1694796546318&idt=2377&dt=1694796549071&cookie_enabled=1&correlator=3048688646332941&scor=4385386030555922&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1944e3890dd35b5406683aa4776a7e76.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 66ms
66ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1944e3890dd35b5406683aa4776a7e76.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 20 Jul 2023 22:12:19 GMT
server: Cloudinary
etag: "3f7625d41d49463ebd62718360e82c41"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds151.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=2;cpu=0;start=2023-07-20T22:12:26.959Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 17613

GET
H2 200 aac355d2f9a91d181fd5429c48fa06dd.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 70ms
69ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/aac355d2f9a91d181fd5429c48fa06dd.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 15:28:07 GMT
server: Cloudinary
etag: "58aa9c2ea6c87926a16df41d7751af4f"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds106.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=413;cpu=1;start=2023-06-22T16:18:53.064Z;desc=miss,rtt;dur=0,cloudinary;dur=52;start=2023-06-22T16:18:53.377Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 17638

GET
H2 200 646e42a24a57c8-25266498.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 70ms
69ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/646e42a24a57c8-25266498.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 13 Jul 2023 08:17:00 GMT
server: Cloudinary
etag: "c6d4c3b9c4bd6160625ebbae65dd0fd6"
x-hw: 1694796549.cds227.fr8.hn,1694796549.cds334.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=107;cpu=0;start=2023-07-13T08:17:05.256Z;desc=miss,rtt;dur=0,cloudinary;dur=14;start=2023-07-13T08:17:05.305Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 14948

POST
H2 200 / Show response
www.telegraphherald.com/tncms/access/meter/ 419 B
790 B 116ms
115ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/meter/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

ba8098c1b5a9e2fab5ad67b12da0b4a2337a9ed8e078edc71b5eada7fc615188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 259
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app21; 0.01s; 0.9M
cache-control: private, no-cache, no-store, max-age=0
vary: X-IPCountry, Accept-Encoding
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1329802374&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=access%20first%20view&ev=1&_u=aGDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=288697255.1694796548&tid=UA-1002501-1&_gid=488461565.1694796548&gtm=45He39d0n71PDQV3N&z=922465613

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 18:33:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80163
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
508 B 59ms
58ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&pid=rqa1hHB5C1fpK&cb=0&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22sd%22%3A%22tnt-smart-ad-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009963%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-554570%22%2C%22s%22%3A%5B%22960x60%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009946%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009948%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009951%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-559358%22%2C%22s%22%3A%5B%22500x500%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: MC6YT80YERJ87V6ZH68A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: focKwegArn2yPaZQCMfr3-tvYD0eFoIOuHxB8k00mcnmNVmJ5Zdm3w==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 216 KB
32 KB 721ms
721ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051752591592005&correlator=4265274489875514&eid=31077099%2C31077231%2C31070232%2C21065725&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C300x250%7C2x1%2C1x1%2C960x60%2C300x250%2C300x250%2C300x250%7C300x600%2C500x500&fluid=height%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&didk=3056683171~3106112522~2002308561~3106112711~3106112709~3106112553~1954143341&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694796549370&lmt=1694577600&adxs=321%2C800%2C120%2C1180%2C1180%2C1180%2C150&adys=854%2C56%2C127%2C734%2C1004%2C1274%2C3990&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=930x1%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&msz=930x0%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=930%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=288697255.1694796548&ga_sid=1694796549&ga_hid=1329802374&ga_fc=true&ga_cid=488461565.1694796548&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&dlt=1694796546318&idt=895&prev_scp=pos%3Dfixed_automatic_ad%2Cfixed_automatic_ad1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%2CTHFlex-Footer-Anchor-Ad%2Cimpact-sticky-anchor%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Homepage-Slider%2CATF%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-two%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-three%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Sticky-Note%2CATF%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=3578395192%2C1863230483%2C3697841261%2C2240819703%2C2240819705%2C2988551167%2C1850785976&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64fdfc6f5adaeb9dd4f850aec979b88c28075957f0e8937416795e3642d96aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33100
x-xss-protection: 0
google-lineitem-id: 6024601394,-2,-2,6362298122,6373692197,6361719787,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138392610027,-2,-2,138443369440,138444937542,138443371780,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 115ms
73ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c3c26716335cdc27f18d1712d8f7b57f7cab4330c7d84c4285740f598640065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12070
x-xss-protection: 0

GET
H2 200 container.html Show response
49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2F9 6 KB
3 KB 95ms
30ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:49:09 GMT
expires: Sat, 14 Sep 2024 16:49:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 70ms
52ms Preflight 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.telegraphherald.com
content-length: 0
date: Fri, 15 Sep 2023 16:49:09 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 5
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 66ms
49ms Preflight 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.telegraphherald.com
content-length: 0
date: Fri, 15 Sep 2023 16:49:09 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 50ms
50ms Fetch 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:09 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 50ms
50ms Fetch 34.241.108.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.108.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-108-134.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:49:09 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

POST
H2 204 csi
csi.gstatic.com/ Frame 174A 0
234 B 129ms
46ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmku3ub2&c=6753155524736&slotId=3376577762368&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 115ms
115ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=NO_IMP&key=dtKKcuXb&c_id=13403&seq=1&order=6&vIndex=0&absoluteTime=3534.3&relativeTime=1450.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4711&load=1&status=LVFNLNIY&ac_id=2008&adIndex=-1&DS=found
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame AA41 43 B
300 B 77ms
22ms Image
image/gif 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1694796548488&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30067&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3000503&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1694796549425&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=937&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&c8=&c9=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: J4SN2obOLh_Jv5cZaAI_kClB9XhTLzf8fO0OcjakjuuJViT_NY49nQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 114ms
114ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=INV&key=dtKKcuXb&c_id=13403&seq=1&order=7&vIndex=0&absoluteTime=3542.4&relativeTime=1458.5&alt=0&sC_ID=4711&sm_id=3000503&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 114ms
114ms Ping
image/gif 44.210.28.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&cmd=PLAY&key=dtKKcuXb&c_id=13403&seq=1&order=8&vIndex=0&absoluteTime=3542.9&relativeTime=1459&alt=0&sC_ID=4711&sm_id=3000503&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&pposition=float&floattype=s
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.28.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-28-246.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 100ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:49:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAA3 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:23:30 GMT
expires: Sat, 14 Sep 2024 15:23:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B1C0 829 B
1 KB 89ms
32ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf9fdae1e80d1d8105b1adb8f159dbacd4ccff2cf56dd186df25b9d086b5376e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kA2nQ6fhrs3D-9wABY7DIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-kA2nQ6fhrs3D-9wABY7DIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:49:09 GMT
expires: Fri, 15 Sep 2023 16:49:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame DAA3 37 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B1C0 0
0 123ms
123ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=4051752591592005&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DAA3 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n75J1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 174A 0
54 B 43ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmku3uwc&c=6753155524736&slotId=3376577762368&ghmsh_eids=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 26ms
25ms XHR
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:09 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 49ms
48ms XHR
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 1A4D 81 KB
31 KB 41ms
40ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zL7y7gKr1bHRi5MWvnlZ9OXqJYoBYvZ26DEQHh3_jtGugkIWzquvYA==

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ Frame 1A4D 177 KB
52 KB 116ms
116ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.secondstreetapp.com/Scripts/dist/optin.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Sep 2023 15:34:46 GMT
Server: Microsoft-IIS/10.0
ETag: "02f227ec5e4d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 106
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52552

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A4D 182 KB
57 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:10 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame B982 81 KB
31 KB 33ms
33ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qCnLia8doUVRdRzlFLld23yrTElmMtc_a3Rc5dEc4DJ6F63auRTvJA==

GET
H3 200 541022182829069026
tpc.googlesyndication.com/simgad/ Frame B982 24 KB
24 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/541022182829069026

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d795b5d4b6e0c653d737ab44957ada4c5b302fce657a5c9ad74eb9e233a8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:32:41 GMT
x-content-type-options: nosniff
age: 101789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24943
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 20:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 12:32:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame B982 23 KB
9 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame B982 3 KB
1 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B982 0
0 37ms
34ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-0HSggm3pVE6aJbq8WC0vs9y3mOhNQBy0pV40fcIa2eDpGJI89i2heYpoL0uy0A51WAUU
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B982 182 KB
57 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:10 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 7454 81 KB
31 KB 32ms
31ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -T-C6TWA-UqwRa3FFV3xLCjXwJt5dQY4rQWEZfW8cGMMXVIjDrwVGA==

GET
H3 200 4159524897651612409
tpc.googlesyndication.com/simgad/ Frame 7454 131 KB
131 KB 23ms
22ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4159524897651612409

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:43:50 GMT
x-content-type-options: nosniff
age: 335120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133742
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 21:50:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 19:43:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 7454 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7454 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7454 0
0 28ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTmy7nxLu02QCQz0-lhSiB81n5lF3ADnqYmEiydxRaTUkYalJ-cmGeSH19EDePWdOu4H0s
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7454 182 KB
57 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:10 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 2F3F 81 KB
31 KB 31ms
31ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IxtNQHwI92104ZeorBM-I3_hjC1EP9AT-nOHg7N7kQ1soElW7m1qNw==

GET
H3 200 14679568334586638181
tpc.googlesyndication.com/simgad/ Frame 2F3F 26 KB
26 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14679568334586638181

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:02:53 GMT
x-content-type-options: nosniff
age: 312377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26247
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 21:34:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 02:02:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 2F3F 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2F3F 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2F3F 0
0 31ms
30ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPLHEpZawlAB1nhmmO93MStRm_blnDPzeRd1G0rMVeC4fCQDbtErgJd4Jco_8id4AhyvuK
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F3F 182 KB
57 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 58ms
58ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 1QXBAQ9AF5HYM89XG6F0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: G3SK1NsWy52sne88OKD_KjVpzx6UW8po4XDYQlqxQTUuUkYptel4wA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A4D 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujNm7lgCAkX0pSYfPV6bGYwClYNqbQaAzPs0Xotn1BO9aiyaTsPLRE0ohEcfGbj84A05PwfhIp8kuu7iTdXMFbhu3-keADIcJVdKqpjiDxu3hOTMuej2AJfitj_fv3Aj1dhFsV_ZdJ2wb9GMhN7GbCN9REPjVn1Zq46OecrSw5MlNtHiTnS4cjXf9Lt0x7FKcgFX_TR0dlWXj438kDyixVr49k4F5nOR5ADLmegjBGBFkPEr-7tmvQeM0EzLrUAYWuy3RLHgbLL-fscIqkSRTOfreuhwmjwISRqHwTY8-TfYAlbomGTqde9K3PY8WfiKxgCFtNFqnI7yK_Q2k-_1XY3qss51Yp6kiAsis2Fevz6hRLSRM&sai=AMfl-YQOHQ9Q4I-ca4vWAL_p0O-MKDWTB1FqIroZ-3PjySKFY20tEAD_PBhkAO1aUbe7x79UfvtHkyKf-OUBHw_6tnIVodN3Sla25tZzjreZwPr2Jx0pqUJ8DsdB9WE7JpE&sig=Cg0ArKJSzB_YN3pDA-xoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B982 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD2Z3X9WXPlCdPQHjZXqfFde99ShgsZrvw2lseQueA7J5QDMTcTYlGN-qsjj3bvEwcG-SHTTpWUkYNkXWjvhF7_H6cb-1eYf25YNMYodTMgIzNesyQEl0a0MggkH6ncsWpnFaU6JibTc7qzSXl-67fKkq5VTgWU2xIrszqqB8CHbdVvXTqFlGarhgPKXVp7nTuqY269qEFX4zOSCCd4vJB3T-4pO6WCX4uk8PF-SwsrwiO6VstrZnB-SN0Fq04RPVcAOeC53xthZ1DTYtb3fmAx2SB2HKw5EoDfdPiuJCleHYdzl8SJV6nwRIvKtRVXxtEZdyEl5mKlJN4uyhm9TzV5xOLLI445FzN2pDHF2tRNffA54_EAP8&sai=AMfl-YSK2PxOIFmQIFVTgNMn-RZsHIjIDamvljDvpOzfOhD5W77fCWvFozyO0ou5Jwb9gCRbh-1F7oFuw1UPeAbz-SJpLDNZoF-SoRMDEGnwWvapr6eI7THvfiUYvG9nap4&sig=Cg0ArKJSzGnZncYvcVSHEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B982 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4aa725adaf778ba87d0592e62b2b6b2f4909bb818d79c720ba58c0f0ebe79c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F3F 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9dgoUldwOrbMIoXfhn1Mex54Q-8yCRMZGOsKGo6-h4SpjPe0pktFwmJq92DovdFb1B6vxDMxNeOxexeKu69spzcVTBQIUNlkMd2kQbn-suV76nHTlw8a-ASus6C4N8QD5aNRLhLgBcLXFDzlw1OsUBJeBBWEiafATOcRXsDeI2gFSTmuUNI9x1KALPJHPEzuFNSSbGisFVK5FdOsyczG7FqOd5WcaROdJnNBu0VQbTPemxK8B7kxAsHoNUEH0S4-NwN_hJ-7AzI148tc-WHjrrfkU0iUF5cV0POD6Fk2bVCcOsfeRZjhdaetI5tF7SdXReqZJTNLJSQ_tikMh0uLBvQtqW0UmA825uURuEJEeQ35k7T49Klg&sai=AMfl-YRWQqqcNN2kbK8egYZG0g8Baw7kPR_ini3_-sMSEJ4TFuEtUuMvjb5VIn0RPtEpT-oyALwSAJmf3YuZExhKfdmnnMyzdkf959dtGyXc94ta1-Rrg_8pXGm3V8XIV5k&sig=Cg0ArKJSzDZK1yUr0HWEEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F3F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e72bf40eb96eeb8ed4ff10748e5bdfebeb38552404bb0270eaad7e9ac4da1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
23 KB 460ms
459ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051752591592005&correlator=660611966249051&eid=31077099%2C31077231%2C31070232%2C44800855%2C21065725&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=8&didk=3106113153&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dada30539d6737d75%3AT%3D1694796549%3ART%3D1694796549%3AS%3DALNI_MYnBwSUFennhDJhN1Lf3Ue_JsdEsw&gpic=UID%3D00000c762145dbb7%3AT%3D1694796549%3ART%3D1694796549%3AS%3DALNI_MbPKrg5i7CghfkIUqFvpsUgB3Im2A&abxe=1&dt=1694796551382&lmt=1694577600&adxs=1180&adys=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnuIcCK25hT-83z_Hn2jZV-Zm7xUuGiAsJnkEfmMzVAXggdQtnfFOzDvSjdAmhOa9CPvfCuc76G7U1H9gqro3VNGf3QONHC%2CAOrYGslSki9FbwTOCiZBBjhFLqwn8HOUEmuroYztcjJ8X4h3zs2e9XdO7OgihhEB3pcIhLiFYfxAMYV_BJuj6S6xnL_6VD-9DCvS%2CAOrYGsltZggbR2E0kH36pqah2qXIjCkfXijSPKsXaaawAQJ8WmryhNbvnv4DKxm8ouo9F-oR4zgWMMA5hILLweRCgsSlvq_0Mg8o%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsk_IyZZRfdXNScbNLBJR5FogA2HwgA75h5VKOsQeg21tXzUy4Z_1nwmbv8CZbTq9GGjb4VWQZGutqKVVE8bGQvrsTmKdNRl&ga_vid=288697255.1694796548&ga_sid=1694796549&ga_hid=1329802374&ga_fc=true&ga_cid=488461565.1694796548&a3p=EhsKDDMzYWNyb3NzLmNvbRivifzNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiuifzNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJKP_M2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GK-J_M2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGIiM_M2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiuifzNqTFIAFICCGQSFwoIcnRiaG91c2UYqYz8zakxSABSAghqEhQKBW9wZW54GJKM_M2pMUgAUgIIbw..&dlt=1694796546318&idt=895&prev_scp=pos%3Dsticky-side-rail%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=2196492607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92603d67d0718a258c604685ca9759145f186ba603e9c4fd9f0b3515b5b8285a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24027
x-xss-protection: 0
google-lineitem-id: 6186000154
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431169595
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=4051752591592005&bg=!OjmlOXbNAAZQjyUVcI87ADQBe5WfOKc5J7xp8aeBkuW6yr1ri80Pdkfo7PZRWCZJ3sKkVGkxIWyxeQx6vVKgDlgqVkxRAgAAAG1SAAAAB2gBBwoAAyUM7JkC_rooxB6TTiyLenb0hrjys_RAUvcLq7VA4ccncdDr4r3-uIRqSObagyY2qL3mcWHmzPPysFgRCvJMrVMuIR1MG7rdWyEkFgCqKTHEg3p5l7tqOgnJDV4l1MBAO2KUIaNFMLjZ-tPcbHQP0twvXF0gGKv7uIi0cXmuhTF-0VUyeDN9wg_ZsxDdj_MjwGbl04FmRT66LhFJW4v8bgiSa5GAsjKwBh0KwCkgxVfCFjKdm10jXu0ptT76AaS1CGPYGXAni-LpPbo_KesM-Fjx_AYNZPqEaoguCX8zsSO24NQH8INik2R2k0C7o6LXH2KEXCFqSUKHGMs4zQnBzhX3NBIx9w47DHcyOFieQ_ZzrEtQwU9IfEVWCT3jncQ_UlqYAIchWJ4rNKrMeMdNbb2tRJsusvAc3wTbvGb-j6eM2nJnBPusz3Uw2b6_XVwzR0YV0Md1Xl3FQJWj_MV8rpzl-UPKH9D6zl1V9EpXsDJ2GiQw-QE646cwW899SmtQs73wEe4HHK_eaWcw-4928taXudWX7rAYucSwzKbfxHAFn3BKBmd-D7tx4JxF47Ur1SbzD6xkjVRhs2QCi8sDMC4LJuj8FEYc2oSO3p7LJ-L9jkCURhoZnv33kA5QY0QJJqArmBojuhJkkq7Tp5SEAkQKJw8rH6mD27wR8d6Jo3m13gbrCqd0vHV3Y-Q7VHvm74wztUn899J8cEe57GZ6e8Szlz9AubTenvSC6vtnt6qMW7Ggg8cxoHV4F_xWoCR-OhgEBiO-SaoXvIUdIGbyYaZqzdyBL1dtF4GQXmotOqUW_JKe-iDwitZQwUxixBPgE8kNMTq0KoYdAqIIJXxNut42e5LnjNlSvDmdCv3K20gs1wU1kebXYeZxDVRGcDzjXxUZnZARljmpZLn49FNJ49pKcJNgYPocGt4AjjJBFyWVryeEALHcsxurh14-FvoY1fZr0kWCM2lb3YI56Ajz17Cz73m9RvAcMLkUrtG9CuI_w1yrA1-QHgye1FFLPCgEi0syiGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7454 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_bYJE0-_PdBIHYfEbo_5euLUQ6pqFY0vscLsjGCd5blAkeCOKHXP5huKJ-zaRGevkn2-bCC68a1fM7sgUtgvhT2eK3MlKQrMbZVo4wjdLEzGPYNF9ZS0IqQUT0t8yaEBzF2IUe7qAnQwsZia-HqNe-ejf4FUjV8mqYmvtPv8_Vr5FDvw6BlGQJUNAaVZ6sAoaUV6BHea-UUxrlv0liKK6i5TY1fgs1qvcwUqffMDrmgWtPPaxIkPGPf-aP4Lrg1bZ7FgA2NJEagHN4q2SOx4HuWa-KXUzIzYuZnpg3hZqQta4RuvQwyFbErCmRqKkN6rbPHiuKuN6PuIahmpos6aK_G3bNZ1PxJSfT97J-aUhLzgxQHqO4WY&sai=AMfl-YR-UDunB4ims4yReE0c0ImWmqMhVq6SBjqP0LglBZnOMhgZ45N-ttzt7_NJVnbToE5PJo0jqphc1QECFpsSulQQZrvwN2xuzpTxUcLeRnxQLR6QiWW_AAFKrkV2VWk&sig=Cg0ArKJSzO6URlJA0Jj8EAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7454 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eee5c73f462c4f429b8d577f737ca4bded0bb1ea455db1413ab06d91c25e254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 1987373 Show response
api.secondstreetapp.com/audience_signup_widgets/ Frame 1A4D 4 KB
2 KB 121ms
120ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.secondstreetapp.com/audience_signup_widgets/1987373?callback=secondStreetOptinWidget_1987373

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4385a7720880cdd5031fe75803209a9303453a1094abdf103f6fb6170e79b723

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:13 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Age: 4
X-Powered-By: ASP.NET
X-SS: 107
Connection: Keep-Alive
Content-Length: 1513
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|a1360e47-ffd3-4707-866f-c467d771b446|C69601|CD66
Cache-Control: public, max-age=600
Accept-Ranges: bytes
Expires: Fri, 15 Sep 2023 16:59:07 GMT

GET
DATA 200
OK truncated
/ Frame 1A4D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8f50aa837575aa859a04ecaf8914db15cf4e8c77f3bcda79dcf16f4856637c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B982 0
0 101ms
59ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubOU-pfe79z7S1BaOOGntg3FLI1dD8jC314SCX40gVJxn3paMh3LCqbHEn-pS5a7uBm6-OgkTJYUuRWQ9mW7jucDiD0HmJWBcggF95lnZYVq3LyGnBUaKF66mkRrSDnB9ENezHRKQzmJWKfzewZDVp91IAAuz5HXs1Mrh6f2Ilr2HaOAAXeuuWjkBEHe7q-i4pNs1Yl04flYeGNHpL3ndZS3KSZarDTJAMEvp-OhdGnLn_sVjxrR2pivE4Rz7015QdzkvcTWv6TKmQCuY3EWIGbOKgftlf5XTW4W11csQlcSUvrUHEcLfVWnCUytKYZoS82jCJxFl6SFK_bS4b7MOL-exAD3G8Y7k2-DOmhj3NWnlebgnX_PDpZw&sai=AMfl-YS45BZ8j682DvYaVyE5Xld4g314QCKfD3dbcGzIl9cLMa0zn-ME7LP1Ub7beCgLc9KG7PZjFRBBwol7zfdp-hLrApHoXD6309fbYjnPN7zFiMOSvnrSFMmF8WjyBxo&sig=Cg0ArKJSzARm_dX6EJ1NEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7454 0
0 77ms
62ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZxbyCWbZp8WNiEZ6-C0NCew1erfQSKqZNzFSc5OnHl77LLTAib8XtTaNzUxNYA3ALTNeARa2zFfRCAp09fsXUJT7BRh1CQCKnzXBoTgfMdMQXzZcQ7Uppqms1xNMKz3sXrqt8DRWQ4O8WWZGHxZnBQyf_IH7ueWjO5b2HAtHjyc_6gfdtKDjUtnSQWoH0fba1e_U2TIX8fpumjrfiW9FD38izy0ok6ctr1xdNVptYaCwVnyJlG7mQLvToFLiUB8jw-3hIdERodR1I_RSMoZp9fzua901jQaH_eO47siBQhYBJm-N43sm6TxgwMmPHgSwcoBmkLW7o2MYdygdd0_Za7fgDWia0rpnxzX1PrzdqR1L05kWWrq1xbg&sai=AMfl-YR9y3itBqZe1brkUqToagtL9dbwjxrW2N13xidyB8QIJEg1i76SfmihPoJd_dXF3amoopdfPHymCLEEwgZlu37PjmPmg2TiptiWhVBQoPdJ2WY8kflvM0eijtpoEfQ&sig=Cg0ArKJSzGHRKWrxYBBuEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F3F 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2_LT1_nG6O8L21iXRBuD-LlYj4dTlFXosM7q_QcGZH3RrnDFQRywpuEva6oozCrPhFqlbnURaE9Gra9fENs2j53rIsmaSeNTq_BBqgsF12mtDJ-NJHGPRTWKRQzepGJlcQ6BVakygFG4Im048_dHHzor1_FGzqxod0Is_e5mTqoio9N146OnAoKWJ12-8kxBGddOpcFGVwsr8RP7P0riWp5r4uQ2hElvkVu253ZAg2z4ABsWUTM4RWFe0NZVYjctwqHgPO6p8jkMB8vkFgbxJndupxDYFUqgyfU-feGiZlUvQP6XeIEkwYkVsGjbd-MC6FpSx1RNPPnKw51gBluuMR03QC1hnKWXoXxA1m4uQlayXXCePzBEIaA&sai=AMfl-YTjjJq8AWm33Dqg6-bYdeJ5RRhjGPSzjcVYOOTM6uuSTUkwko7C12qUzQVFNo1JfwScQeWUpI1tbt8NkDMWyiRwqr7i51nGSTFceTcdIHg2CKyX_7k8-icmAvhptvk&sig=Cg0ArKJSzL-dQPaK6957EAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37A3 2 KB
469 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:49:11 GMT

GET
H/1.1 200
OK THLogo.png
archive.thonline.com/syncronex/images/ Frame 37A3 12 KB
12 KB 529ms
118ms Image
image/png 184.175.83.79
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.thonline.com/syncronex/images/THLogo.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS: cf.thmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94c437b53ea9f9f159c59a8d194eed20f75e0d91bfbbf6c4a45b156390000f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:11 GMT
Last-Modified: Tue, 22 Feb 2022 15:18:54 GMT
Server: Microsoft-IIS/10.0
ETag: "ae4e6081ff27d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11838

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A4D 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbb7q0tjQF6yTzl2mFOipNnpzg6W-W8QX2avjZTBSm0YVaWMvyAfqeD2OVAR57uY0bh-Voc0nffUN5qNYAfa1AEk7w0PePYiQUHa_OceadTqUMywQIWgRKFL1s_R2mRICdTkkgFc3HnCyrnSZt04W9v-6Ebh-h-bCkM93DwaQRks7WoEHQLDUQjPTjEq-0HH-XWEu2klX_3OdxLZzuHLHP9DekZ4EQs6x0TOZ4wLm0i82Iw7DTsdn5wvzlw6DS8WV-bggYBGAmObNwYkU-OEwV3J5gzBKJ4GuwDsh8Ws0NFKCvaf9Z11HdBHs8iT--z8i6yKU2-FDYJvGAX2MT_7OrmK-U7fEav-S7P1vTPQwSFfkb845zCw&sai=AMfl-YTDRieFjZwh-K8sL-sMV6JPFJ_2tIFaoOk3-_NmwytuPLTzSlEZeltJvZipTtn6Cwoeutz0fFWYDe-nsMFUD-MUcw_dEp4FvSlspYNnVzGEMaIwmluSxlqRswMP_SA&sig=Cg0ArKJSzHTfNvR7ZUtqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:11 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ Frame 37A3 32 KB
32 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 80036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:35:15 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ Frame 37A3 32 KB
32 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 80036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:35:15 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 93B9 81 KB
31 KB 32ms
31ms Script
application/javascript 108.156.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-60.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 26668d8e031da1815e3b231b420050f0.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: b7Z4dkxz6yMmCkGr6swJlfxyYjuJqELHU_gU7-0qF9EOhshXXRjB7w==

GET
H3 200 6586040974430877014
tpc.googlesyndication.com/simgad/ Frame 93B9 35 KB
35 KB 23ms
22ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6586040974430877014

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:14:10 GMT
x-content-type-options: nosniff
age: 304501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35769
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 16:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 04:14:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 93B9 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 93B9 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 93B9 0
0 29ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFgvhtj0kcn5UkLbnRHy9jOq9bhIx8NfDQYx7f4Z1GU25N2EbVMjFz-angXzQhq6D_LKb-
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93B9 182 KB
57 KB 1352ms
1351ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:49:13 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4442 281 B
554 B 76ms
20ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 16:49:12 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93B9 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviS27C8MZgEsriBebG9FUdEi3wcdTqDrSVlE5kRM6ifpJAkWVa9wRL8N9UcFnX4vljsKq0NDrWLltpzokzdJBX6KGGxfsmob01-rxdvHTWd2w7BS6heGn9xXuiL2zPmYe0GjPDp5nLVHBhJC3TAlyYnPaVc1hmeBxMxreH1Q4bCJ7QNxUyYD3NBM_Fl2hxfUOkCYZehKBtRLWSxX54BELW9dlZG6NoLCQrXltpsQe8yQaELOH-iFVlsn0lJYoteOpbT_a4hYf4z3VvCAcM1vuvxtL7Ryps2xMKNRf9sTi5yiqQdM9SsFIBEsDstA4BX4SzvLiEol6jobkP5UIDy7NQQ4B1iikhAb5w1uZ9epz17oVyLvWNJHo&sai=AMfl-YTuVJjM1JGBHtlaZHRDSoq4-eYNUSXalR11F22DrfhVlEsYkdno6_zay0ndLxHACdNwA03fkDP1-CvUMUphQUo1HCeRHcXWK6DLIx0va0uyOgwpr47Eco-IDvXGD04&sig=Cg0ArKJSzAIXW8p5kaoYEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 93B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e892934718b572f17a56e83647ec4a83ebce42b536de31cf83891d81361b4d21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4442 36 KB
11 KB 51ms
50ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:49:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Sep 2023 15:37:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=82075
Connection: keep-alive
Content-Length: 10521
Expires: Sat, 16 Sep 2023 15:37:07 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 4442 7 B
380 B 122ms
21ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1YYN
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7454 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2kiBrldR33buhNy0WPAQ05FA7r56qyiu0V8vD8xFxfMgLWGjdWsGETO7wUTZdL03sljlrrAp-3QHhHUSGSmAnsNEOBSeLdu01gYFnaGHh5AjKUNyk4ji13hDDRhQa&sig=Cg0ArKJSzII-CmXmxQ2DEAE&id=lidar2&mcvt=1001&p=885,1180,1135,1480&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819705&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550473&rpt=1227&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B982 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGgubko5uwH_2KXCWKcJPRvCv80v7PDkCpEvT0q1ZPZLFBQDv3p6RYa_Ia9-z59ZalUx_TfHW3Hy9LEXx3RaWIqk9_llrxAzU4u4vLBtpsJ0F7wKep5gi8-IE8LxuW&sig=Cg0ArKJSzMOXn8k2w3CYEAE&id=lidar2&mcvt=1005&p=615,1180,865,1480&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550334&rpt=1339&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A4D 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteF5eUvvSJx1hvjfnxTdPwRcvQphk1Ok6dnUhMiX9uxG9PrOzrKbGpT1T7Ctiu5DUH4TCb3Sctlom7rwjfa7h9Hnazi2sBEkEpUxPpCEiqVUHiBxTsSoC1NQSwuiOM&sig=Cg0ArKJSzJJ4HV9Qw_jREAE&id=lidar2&mcvt=1000&p=735,535,985,835&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3578395192&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796550148&rpt=1679&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93B9 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAGuZr2a0lDxIsV59gwrwRNYl4MI7Rtbe1QUo5opLXCiiUc2H_Qo6Up0RSlpbGR7xOWjBenpiFpp7IFcg3Z-ki9y-G4fjMs3fe9KaZQ7UtYmzzetIq6O-cvlWXq7gR5RnaSILQdxFR-3VzQC4DfGAgJVekwccSz7DQymQlAMV7G6HV6VNBCrjJYG21Ck1SIZeTPnIpkHzi2EPp_BTaZkJZPEviiH7OO0hGhvM1QHm43zMYpffK1IkrEKftoQItYeiHltVNs6T6-EPvyLnZbaLqbqUAKWpsgDphI1vArPoi14QmHcDCWIN4vQe3kOFtIG_KUI0paqdOWYbqn4kGOXPN86R8nyV-PzdvfkAHIjy9w3yXr5oNp4t10Q&sai=AMfl-YSh8cIEtQ84GZfW0NFngQEolb2sl9zpF2ioowbkXlLg1aVwwG6Dgw8GJXbMar8rr4Er4G6y9EessIgL41KwqNfQTgtrxF4w7Sa6x1QjsW1xBmV8JdSIIryrgZwXbxQ&sig=Cg0ArKJSzEzwTH8kvD35EAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:49:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:49:13 GMT

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 27ms
27ms Fetch
application/json 116.202.150.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:49:13 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n-00002.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 1 MB
1 MB 33ms
32ms XHR
video/mp2t 13.226.175.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0n08o08on1s95660r3072825o1nq9p2n-00002.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-128.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: deaf6910b8470d51fefd3ff88a1e8b0cf018b9eb2e019c17dbd755f2ebb9c070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:59:24 GMT
via: 1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 42591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 1361120
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "50bc2aec215f7b3964e640259612f38b"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: JkoYtEPH5Lk_-PvIu80WuDYL0hiLsMB8v3eabRJfpkq-4FTQKhf5nQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=1329802374&cid=288697255.1694796548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEIE&sid=1694796547&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:49:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST stn_trk.gif
s2l.sendtonews.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.0.1&us_privacy=1YYN

Domain: s2l.sendtonews.com
URL: https://s2l.sendtonews.com/stn_trk.gif?session=OUuBIMfN8VCDtB3X&instance=214857196&version=7.23.0-A&age=230915&ldt=QUARTILE&key=dtKKcuXb&seq=1&order=9&vIndex=0&absoluteTime=11161.9&relativeTime=9078&sm_id=3000503&visiblestatecd=I&soundcd=OFF&quartile=1&pposition=float&floattype=s

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telegraphherald.com/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1694796547%2C%22currentVisitStarted%22%3A1694796547%2C%22sessionId%22%3A%22b5a9f11f-759f-4224-a57b-8d4c5da2570b%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%22%2C%22referrer%22%3A%22%22%7D
.telegraphherald.com/	1970-01-20 19:08:44	Name: ___nrbi Value: %7B%22firstVisit%22%3A1694796547%2C%22userId%22%3A%22e70bcdf8-d048-4953-babd-c69d1ec47b58%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1694796547%2C%22timesVisited%22%3A1%7D
.telegraphherald.com/	1970-01-20 19:08:44	Name: compass_uid Value: e70bcdf8-d048-4953-babd-c69d1ec47b58
events.newsroom.bi/	1970-01-20 19:05:48	Name: 2738_u Value: e70bcdf8-d048-4953-babd-c69d1ec47b58
events.newsroom.bi/	1970-01-20 15:29:48	Name: 2738_lv Value: null
events.newsroom.bi/	1970-01-20 15:29:48	Name: 2738_ut Value: 0
.telegraphherald.com/	1970-01-20 16:56:12	Name: _fbp Value: fb.1.1694796547275.1033576860
www.telegraphherald.com/	1970-01-20 23:32:12	Name: usprivacy Value: 1YYN
.telegraphherald.com/	1970-01-20 14:46:36	Name: lotame_domain_check Value: telegraphherald.com
.telegraphherald.com/	1970-01-20 14:46:40	Name: AMP_TOKEN Value: %24NOT_FOUND
.telegraphherald.com/	1970-01-20 14:48:02	Name: _gid Value: GA1.2.488461565.1694796548
.telegraphherald.com/	1970-01-20 14:46:36	Name: _dc_gtm_UA-54716522-7 Value: 1
.telegraphherald.com/	1970-01-20 14:46:36	Name: _gat_UA-1002501-1 Value: 1
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga_1KSYYTLTZT Value: GS1.1.1694796547.1.0.1694796547.60.0.0
.telegraphherald.com/	1970-01-20 23:32:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+15+2023+18%3A49%3A07+GMT%2B0200+(Central+European+Summer+Time)&version=202209.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 46GlVzObTCY
.youtube.com/	1970-01-20 19:05:48	Name: VISITOR_INFO1_LIVE Value: aXYPo3X4Gws
.id5-sync.com/	1970-01-20 16:56:12	Name: id5 Value: 0
www.telegraphherald.com/	1970-01-20 15:29:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.telegraphherald.com/	1970-01-20 23:32:12	Name: ajs_anonymous_id Value: d211a82a-067a-492c-a945-c9ddc970d327
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga Value: GA1.2.288697255.1694796548
www.telegraphherald.com/	1970-01-20 15:08:31	Name: tncms:meter:assets6639bb10-c083-11ea-ae08-af90189f6992 Value: 1
.doubleclick.net/	1970-01-21 00:08:12	Name: IDE Value: AHWqTUn_t6a_fvh21tyA_G9do1CWKGeCoZvcPjFpGusM95tTFASNhc20NzWbBB1jDWI
.telegraphherald.com/	1970-01-21 00:08:12	Name: __gads Value: ID=ada30539d6737d75:T=1694796549:RT=1694796549:S=ALNI_MYnBwSUFennhDJhN1Lf3Ue_JsdEsw
.telegraphherald.com/	1970-01-21 00:08:12	Name: __gpi Value: UID=00000c762145dbb7:T=1694796549:RT=1694796549:S=ALNI_MbPKrg5i7CghfkIUqFvpsUgB3Im2A
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga_4T2EB147B8 Value: GS1.1.1694796547.1.0.1694796551.56.0.0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49ccac6acb6fee62c890c019af555273.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
api.secondstreetapp.com
api.segment.io
archive.thonline.com
assets.revcontent.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revcontent.com
cdn.segment.com
cdnjs.cloudflare.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
embed.secondstreetapp.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
invstatic101.creativecdn.com
js-sec.indexww.com
l.sharethis.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
oa.openxcdn.net
pagead2.googlesyndication.com
platform-api.sharethis.com
player.sendtonews.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
region1.analytics.google.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
www.accessdubuque.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.telegraphherald.com
www.youtube.com
yeet.revcontent.com
lexicon.33across.com
s2l.sendtonews.com
104.16.133.24
104.77.32.87
108.138.17.85
108.156.2.60
116.202.150.116
13.224.192.181
13.225.78.11
13.226.175.128
13.32.119.77
13.32.121.21
13.32.121.35
13.32.99.22
141.95.98.64
151.139.128.10
162.19.138.117
162.55.144.217
172.64.148.101
172.64.149.180
172.64.152.89
18.203.57.57
18.239.18.118
184.175.83.79
185.64.189.112
192.104.183.109
2001:4860:4802:32::3
2001:4860:4802:34::36
23.32.184.192
2600:9000:20eb:e00:c:abe:f440:93a1
2600:9000:2250:6000:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:2089
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:82ec
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.216.232.229
3.65.104.49
34.102.146.192
34.120.133.55
34.241.108.134
34.96.70.87
35.160.35.184
37.252.171.85
44.210.28.246
46.228.174.115
52.223.40.198
52.58.45.126
54.197.229.45
69.173.144.137
69.173.144.139
95.101.149.233
99.86.4.30
99.86.8.175
01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0c84c498773a7bf8886f05dfe5f414e4b53fbd8aa2c448f5e26a4b83befdb232
0e48f0d912bb3db0ba23630fc04fe4c07393b4efe3227b49dc1314a661b0287c
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e
0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6
197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7
1bf00649d48931a37df34de72bd5f3fdeb35dd731cb30b0083bf356ad6b01050
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5ea6a05d7b542f9e8517ee2ac65ab31e97a46aac3205aab1950acb713527bd
200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29e72bf40eb96eeb8ed4ff10748e5bdfebeb38552404bb0270eaad7e9ac4da1e
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
2c3c26716335cdc27f18d1712d8f7b57f7cab4330c7d84c4285740f598640065
2c57a5c8635e32219c8cffb12844c6b620b036730aa16a900e4d340ed7aa43cc
2ca99099e62044f90c611cc0afe309e4c21df12345d7b15aeefc3c2230352b08
2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5
2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278
30047215b0ae630d9b377ce7ed9c1568233256fc6d7c3dcc729d0de52a445af0
30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
3494d17a7eddcc1f2157db72d2b64d0255b3b1a4e83314207fb34f4f2edf9ba0
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c2d938226572319f1888ae1b0be2bad23d9dce1431180fcb5bf3f542fa4db56
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
426113221b8ffe09c48f255a2be770815d1f6d4256ff677eff1c1de5009f0488
4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87
4385a7720880cdd5031fe75803209a9303453a1094abdf103f6fb6170e79b723
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b856c515e96f86e2f9ff5418c119f5e5c00831ea28c60235115f25fd991edf7
4bfbb6172286a6ab9314504a55dcd79217e35cc1c7319615a8995577af4c8a57
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8
5126ccf3097527765bf8adc3d53a9e9647b57684a495143e00832df6d12ed8b5
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
516aac25ecedde23191fb756dc1175e4d43ff19efa51f4fd474bce6e560bee59
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58c232050c86885f1e4b27d778b2b66dfafaabe31212da2f01fd2b1fa00b28b5
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd
5eee5c73f462c4f429b8d577f737ca4bded0bb1ea455db1413ab06d91c25e254
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64fdfc6f5adaeb9dd4f850aec979b88c28075957f0e8937416795e3642d96aa0
6509b47e7d2ae329dbfd211c5e0f6816b368cb30b00c8e93c502b32792d3f4a9
66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b
685b6cce93fd4204c04645ec0077e93ba23660ebdb0cef27172ad9eee5664201
68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
6b1e0c4d01987438c823ddada5028966cbb63bdbd65e1558304a9eb985c96136
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edd42686ddddc5cc5a5ad6e45305a1e0cf72a0c3e1790d59091ffb26070259e
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6
7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91
7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef
7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8df152316fe36d7897ebcd8b3e5d7930811c1907a80342cab545bb68bd023923
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2
92603d67d0718a258c604685ca9759145f186ba603e9c4fd9f0b3515b5b8285a
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94c437b53ea9f9f159c59a8d194eed20f75e0d91bfbbf6c4a45b156390000f24
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98bd2a42c83491e583293867e9e89e789573302e9df065122643d8cef9d83116
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9d7b31298b1677591809a6dd1fc186edf3ea2215e5a715b50fb7a31017dba949
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9f6114de4e1f9c80ad04cc403b8472320d5604ac43816db5c1540a17101e93dc
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6
ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02
ba8098c1b5a9e2fab5ad67b12da0b4a2337a9ed8e078edc71b5eada7fc615188
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc8f50aa837575aa859a04ecaf8914db15cf4e8c77f3bcda79dcf16f4856637c
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
c5d5c4a03ef7b700744c0731c75469e307490817ae7a1f6f0c93b1fec08377e5
c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f
c71019477e8e8312ac2b5e5558fafb61f28dd238a278eb400c98d03278783ac6
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf9fdae1e80d1d8105b1adb8f159dbacd4ccff2cf56dd186df25b9d086b5376e
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d795b5d4b6e0c653d737ab44957ada4c5b302fce657a5c9ad74eb9e233a8be
d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e
d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3
d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7
d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da779586ab94abb7d4cc76ee20bdee72681057173160798962835e2758746dfb
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbb6d7e8adfe681502d6023f30e242ed75cafca1ecd356ffffb4ac7de1b3d360
dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaf6910b8470d51fefd3ff88a1e8b0cf018b9eb2e019c17dbd755f2ebb9c070
e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc
e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8
e4aa725adaf778ba87d0592e62b2b6b2f4909bb818d79c720ba58c0f0ebe79c9
e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740
e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e892934718b572f17a56e83647ec4a83ebce42b536de31cf83891d81361b4d21
ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
f1344d269f3c1728ddfd5278601c670241faaee7a16095228b5624cbadffc6ba
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f
f3a66a18e4acc069bf082e67acf97c03aa3184dc0ce37977fad64fa37bf04ac0
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672
f6834d2fcad7f7350612d2ab661502632e8cec741537b94ee67812c7298ec675
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

www.telegraphherald.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

309 Requests

99 %HTTPS

41 %IPv6

53 Domains

82 Subdomains

74 IPs

8 Countries

6451 kBTransfer

15428 kBSize

26 Cookies

53 Outgoing links

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.telegraphherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

99 %
HTTPS

41 %
IPv6

53
Domains

82
Subdomains

74
IPs

8
Countries

6451 kB
Transfer

15428 kB
Size

26
Cookies

309 HTTP transactions
8 data transactions