Submitted URL: http://times-herald.com/
Effective URL: https://times-herald.com/
Submission Tags: tranco_l324
Submission: On November 12 via api from DE — Scanned from DE

Summary

This website contacted 54 IPs in 7 countries across 44 domains to perform 191 HTTP transactions. The main IP is 159.203.158.205, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is times-herald.com.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.
This is the only time times-herald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

[Redirects] Requests IP Address AS Autonomous System
1 2 159.203.158.205 14061 (DIGITALOC...)
27 52.222.250.219 16509 (AMAZON-02)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 50.17.208.58 14618 (AMAZON-AES)
16 151.101.194.202 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
7 13.32.121.78 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 18.66.139.104 16509 (AMAZON-02)
14 23.23.175.67 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 95.101.44.28 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.101.66.202 54113 (FASTLY)
2 2.18.234.21 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
22 18.66.97.25 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 100.25.5.11 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 15.197.193.217 16509 (AMAZON-02)
1 52.207.5.56 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 50.17.207.51 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.157.100.237 16509 (AMAZON-02)
5 35.244.159.8 15169 (GOOGLE)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 185.33.221.53 29990 (ASN-APPNEX)
1 185.94.180.124 35220 (SPOTX-AMS)
1 3.69.177.113 16509 (AMAZON-02)
1 23.37.38.181 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.37.42.132 16625 (AKAMAI-AS)
2 5 18.156.0.31 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
4 4 54.93.133.131 16509 (AMAZON-02)
2 3 142.250.185.98 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 37.157.4.41 198622 (ADFORM)
1 69.173.144.138 26667 (RUBICONPR...)
Total: 191 requests, 54 IPs
Requests | Apex Domain | Subdomains | Transfer
49 | cloudfront.net | d2s94cyhu2tzlj.cloudfront.net, d29xw9s9x32j3w.cloudfront.net | 1 MB
25 | broadstreetads.com | cdn.broadstreetads.com, ad.broadstreetads.com | 1 MB
19 | squareoffs.com | squareoffs.com, assets.squareoffs.com | 457 KB
11 | sendtonews.com | embed.sendtonews.com, player.sendtonews.com, s2l.sendtonews.com, timber.sendtonews.com | 116 KB
8 | typekit.net | use.typekit.net, p.typekit.net | 121 KB
7 | mailchimp.com | downloads.mailchimp.com | 87 KB
6 | doubleclick.net | stats.g.doubleclick.net, pubads.g.doubleclick.net, cm.g.doubleclick.net | 3 KB
5 | yahoo.com | ups.analytics.yahoo.com | 1 KB
5 | openx.net | sendtonews-d.openx.net, u.openx.net, eu-u.openx.net, us-u.openx.net | 2 KB
5 | advertising.com | ads.adaptv.advertising.com, pixel.advertising.com | 2 KB
5 | onesignal.com | cdn.onesignal.com, onesignal.com | 83 KB
4 | rubiconproject.com | prebid-server.rubiconproject.com, eus.rubiconproject.com, token.rubiconproject.com | 11 KB
3 | adsrvr.org | match.adsrvr.org | 1 KB
3 | cloudflare.com | cdnjs.cloudflare.com | 139 KB
3 | googleapis.com | imasdk.googleapis.com, fonts.googleapis.com | 314 KB
3 | google-analytics.com | www.google-analytics.com | 40 KB
3 | tinypass.com | experience.tinypass.com, cdn.tinypass.com, buy.tinypass.com | 125 KB
2 | adform.net | c1.adform.net | 925 B
2 | everesttech.net | sync-tm.everesttech.net | 673 B
2 | casalemedia.com | as-sec.casalemedia.com, htlb.casalemedia.com | 803 B
2 | gstatic.com | fonts.gstatic.com | 88 KB
2 | cxense.com | cdn.cxense.com | 34 KB
2 | google.com | www.google.com, adservice.google.com | 1 KB
2 | facebook.com | www.facebook.com | 442 B
2 | jsdelivr.net | cdn.jsdelivr.net | 22 KB
2 | facebook.net | connect.facebook.net | 113 KB
2 | times-herald.com | times-herald.com | 15 KB
1 | mathtag.com | sync.mathtag.com | 612 B
1 | pubmatic.com | hbopenbid.pubmatic.com | 116 B
1 | spotxchange.com | search.spotxchange.com | 1 KB
1 | adnxs.com | ib.adnxs.com | 1 KB
1 | tremorhub.com | pi979-10rsz.ads.tremorhub.com | 409 B
1 | googlesyndication.com | pagead2.googlesyndication.com | 13 KB
1 | 2mdn.net | s0.2mdn.net | 17 KB
1 | resonate.com | cdn.resonate.com | 169 B
1 | piano.io | c2.piano.io | 2 KB
1 | rlcdn.com | api.rlcdn.com | 328 B
1 | rkdms.com | id.sv.rkdms.com | 167 B
1 | google.de | www.google.de | 501 B
1 | indexww.com | js-sec.indexww.com | 13 KB
1 | pingdom.net | rum-static.pingdom.net | 3 KB
1 | list-manage.com | mc.us12.list-manage.com | 2 KB
1 | googletagmanager.com | www.googletagmanager.com | 37 KB
0 | quantserve.com (Failed) | secure.quantserve.com (Failed), pixel.quantserve.com (Failed) |
Total: 191 requests, 44 apex domains
Requests Domain Requested by
27 d2s94cyhu2tzlj.cloudfront.net times-herald.com
d2s94cyhu2tzlj.cloudfront.net
22 d29xw9s9x32j3w.cloudfront.net player.sendtonews.com
times-herald.com
cdnjs.cloudflare.com
16 squareoffs.com times-herald.com
squareoffs.com
14 ad.broadstreetads.com cdn.broadstreetads.com
11 cdn.broadstreetads.com times-herald.com
7 downloads.mailchimp.com times-herald.com
downloads.mailchimp.com
7 use.typekit.net times-herald.com
5 ups.analytics.yahoo.com 2 redirects times-herald.com
4 pixel.advertising.com 4 redirects
4 s2l.sendtonews.com times-herald.com
3 cm.g.doubleclick.net 2 redirects u.openx.net
3 match.adsrvr.org 1 redirects js-sec.indexww.com
u.openx.net
3 cdnjs.cloudflare.com player.sendtonews.com
3 assets.squareoffs.com squareoffs.com
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
squareoffs.com
3 player.sendtonews.com embed.sendtonews.com
player.sendtonews.com
3 embed.sendtonews.com times-herald.com
player.sendtonews.com
2 c1.adform.net 2 redirects
2 eu-u.openx.net u.openx.net
2 sync-tm.everesttech.net 2 redirects
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 pubads.g.doubleclick.net player.sendtonews.com
imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 imasdk.googleapis.com player.sendtonews.com
imasdk.googleapis.com
2 www.facebook.com times-herald.com
2 cdn.jsdelivr.net squareoffs.com
2 connect.facebook.net times-herald.com
connect.facebook.net
2 cdn.onesignal.com times-herald.com
cdn.onesignal.com
2 times-herald.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 us-u.openx.net u.openx.net
1 sync.mathtag.com 1 redirects
1 u.openx.net d29xw9s9x32j3w.cloudfront.net
1 adservice.google.com imasdk.googleapis.com
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 ib.adnxs.com d29xw9s9x32j3w.cloudfront.net
1 pi979-10rsz.ads.tremorhub.com d29xw9s9x32j3w.cloudfront.net
1 sendtonews-d.openx.net d29xw9s9x32j3w.cloudfront.net
1 ads.adaptv.advertising.com d29xw9s9x32j3w.cloudfront.net
1 pagead2.googlesyndication.com srcdoc
1 as-sec.casalemedia.com js-sec.indexww.com
1 s0.2mdn.net imasdk.googleapis.com
1 timber.sendtonews.com player.sendtonews.com
1 cdn.resonate.com player.sendtonews.com
1 buy.tinypass.com cdn.tinypass.com
1 c2.piano.io cdn.tinypass.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 www.google.de times-herald.com
1 www.google.com times-herald.com
1 cdn.tinypass.com experience.tinypass.com
1 fonts.googleapis.com player.sendtonews.com
1 js-sec.indexww.com player.sendtonews.com
1 rum-static.pingdom.net squareoffs.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p.typekit.net times-herald.com
1 mc.us12.list-manage.com downloads.mailchimp.com
1 experience.tinypass.com times-herald.com
1 www.googletagmanager.com times-herald.com
0 pixel.quantserve.com Failed u.openx.net
0 secure.quantserve.com Failed squareoffs.com
Total: 191 requests, 66 subdomains
Subject | Issuer | Validity | Valid
times-herald.com | R3 | 2021-10-16 - 2022-01-14 | 3 months
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year
broadstreetads.com | Cloudflare Inc ECC CA-3 | 2021-06-03 - 2022-06-02 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-04 - 2022-07-03 | a year
*.sendtonews.com | Amazon | 2021-06-17 - 2022-07-16 | a year
squareoffs.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-03 - 2022-06-04 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
downloads.mailchimp.com | Amazon | 2021-07-21 - 2022-08-19 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-21 - 2021-11-19 | 3 months
*.broadstreetads.com | Amazon | 2021-11-11 - 2022-12-09 | a year
*.piano.io | Sectigo RSA Domain Validation Secure Server CA | 2021-08-19 - 2022-09-18 | a year
wildcardsan.list-manage.com | DigiCert SHA2 Secure Server CA | 2021-09-27 - 2022-09-27 | a year
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-16 - 2022-07-21 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.pingdom.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-15 - 2022-01-15 | a year
*.squareoffs.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-03 - 2022-06-04 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
www.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
www.google.de | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
securedvisit.com | Amazon | 2020-12-31 - 2022-01-28 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
*.cxense.com | DigiCert SHA2 Secure Server CA | 2021-05-21 - 2022-05-26 | a year
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.v.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-10-19 - 2022-04-13 | 6 months
*.openx.net | GeoTrust RSA CA 2018 | 2021-07-08 - 2022-08-08 | a year
*.tremorhub.com | Amazon | 2021-06-27 - 2022-07-26 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year
*.spotxchange.com | GeoTrust RSA CA 2018 | 2021-03-10 - 2022-03-29 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2021-08-04 - 2022-09-04 | a year
*.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months

This page contains 9 frames:

Primary Page: https://times-herald.com/
Frame ID: 0B5837F34D9D487BE8C7F6AAC1480913
Requests: 90 HTTP requests in this frame

Frame: https://squareoffs.com/square_offs/21442
Frame ID: 846082F8EE0F32EB3587E38DE0D960E3
Requests: 22 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.21.7/player.js
Frame ID: 529410F6966B9A36C9887639285D0C03
Requests: 63 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 75D7FC75BE3EB56D8949438370C00712
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 32B5961A04421E9E624547F7F1C3AF24
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: CC098502A4F05B2EC2BC80476E742910
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 92EE3F180F7493CD8674BACCF356BAAA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 47DD3DB40C6852E61FAEDE5DE4F25CAF
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D5F106968FA3392875096E9B6C347F4A
Requests: 7 HTTP requests in this frame

Page Title

The Newnan Times-Herald

Page URL History

  1. http://times-herald.com/ HTTP 301
    https://times-herald.com/ Page URL

Page Statistics

Requests: 191
HTTPS: 94 %
IPv6: 42 %
Domains: 44
Subdomains: 66
IPs: 54
Countries: 7
Transfer: 4642 kB
Size: 8949 kB
Cookies: 34

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://times-herald.com/ HTTP 301
    https://times-herald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=92643243-db69-4832-b736-e5b17161de3d&_origin=1&gdpr=1&gdpr_consent=
Request Chain 181
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG&apid=UP786680b7-4379-11ec-a004-02c1570f7238
Request Chain 182
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP786680b7-4379-11ec-a004-02c1570f7238 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP786680b7-4379-11ec-a004-02c1570f7238&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3ODY2ODBiNy00Mzc5LTExZWMtYTAwNC0wMmMxNTcwZjcyMzg%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1&apid=UP786680b7-4379-11ec-a004-02c1570f7238
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4bee618d-fba9-4700-958a-332558855505
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7126898115398932943
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVlsOq4o_xsut8Y7p0HeYA&google_cver=1

191 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
times-herald.com/
Redirect Chain
  • http://times-herald.com/
  • https://times-herald.com/
68 KB
15 KB
Document
General
Full URL
https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.203.158.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
d54277e2b1e52e392ebd29aa2988e3ebe9becd9b4b2684d6a971b7d24cffeb90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.15.8
date
Fri, 12 Nov 2021 05:29:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
charset
utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Server
nginx/1.15.8
Date
Fri, 12 Nov 2021 05:29:07 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://times-herald.com/
ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
d2s94cyhu2tzlj.cloudfront.net/prod/
136 KB
29 KB
Stylesheet
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c58276d0c35cff48ddc5c559bfc2c42ce58edbdf56ae2ed69774a716f02ed1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 22:35:17 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 19 Oct 2020 13:35:37 GMT
Server
AmazonS3
Age
716031
ETag
"bf5369ceacd25f5275abc0c8db4bdb47"
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=utf-8
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
29263
X-Amz-Cf-Id
N6kLNLpP-4iOLvG07ZncU2U0rOWwdAKRVNv8-jooBO1zafBBwA0Fpg==
axy8tgd.js
use.typekit.net/
18 KB
7 KB
Script
General
Full URL
https://use.typekit.net/axy8tgd.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5474ce70b42dee2593985430b6e47447120e347a2e9a91d0d38783b7bee238d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 12 Nov 2021 05:29:08 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6959
modernizr.gz.js
d2s94cyhu2tzlj.cloudfront.net/vendor/
11 KB
5 KB
Script
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/vendor/modernizr.gz.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d87d2c09a9c1ecca1b72540c7d7fe1c1527c8d4bf83d50e01c08bbe159ba35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 19:53:20 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 11 Aug 2015 18:05:56 GMT
Server
AmazonS3
Age
293748
ETag
"6adca66d470d397c7b6d4663a568e585"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
4645
X-Amz-Cf-Id
X-kQdzZT5dXzaKamnF5zaYJse8j-rKaX_MuEhgEuoWbCvupV1HHk4g==
init-2.min.js
cdn.broadstreetads.com/
11 KB
5 KB
Script
General
Full URL
https://cdn.broadstreetads.com/init-2.min.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16534145c570e8757046ab7f239531e4a9c80a4204fd3b696d99f1bf4f843b8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
278573
x-cache
Hit from cloudfront
access-control-allow-methods
GET, HEAD
content-encoding
br
last-modified
Tue, 13 Apr 2021 02:04:35 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1618279473/ctime:1618279473/gid:20/gname:staff/md5:e060e1756873b8312c728e295a001693/mode:33188/mtime:1618279473/uid:501/uname:katzgrau
etag
W/"e060e1756873b8312c728e295a001693"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHLQL5QGj5Bv%2FcH8w7F%2BnLpp%2Bn8COwZMh1hxzqX6Go0C%2F%2F%2BWTR73zPbWX2xwvno8uyTG2aM75QVDENPR4bU6vefy7G20pySpPuEI5eCeTbJ%2BXy2CgkhUPgl9vwxhZlJ6tFv4Ue0mgqn%2FeZmj9VR3v9wjmbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=31536000
x-amz-cf-pop
SEA19-C1
cf-ray
6acd5c625f3f6931-FRA
x-amz-cf-id
6DTbdlVgkH8Hicps_9F8zsNWQGaRn7Z9e9qCdM-rc8FS9Ni5HP-9nA==
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3122
etag
W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6acd5c625c6b2bdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 05:29:08 GMT
Grantville-file-photo.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/grantville-council-meeting-ends-without-agenda-or-quorum/_megaMenuThumb/
25 KB
26 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/grantville-council-meeting-ends-without-agenda-or-quorum/_megaMenuThumb/Grantville-file-photo.jpg?mtime=20211109160418
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bede38aefade48d8e54d9e0898d23eb19412220c8231acc4be68a3918fc37a0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 02:27:38 GMT
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 11 Nov 2021 02:27:33 GMT
Server
AmazonS3
Age
97291
ETag
"8d2f4a12b1ef8c64ea9dc073c63b71bd"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
25824
X-Amz-Cf-Id
28_Az5vMVXoP_hr1U1j7kizo24swBaY-aZ5Q9YcYI0p-9C4otUDEWQ==
11-10-2021-EC-Newnan-012.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/east-coweta-wins-in-two-overtime-thriller/_megaMenuThumb/
29 KB
30 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/east-coweta-wins-in-two-overtime-thriller/_megaMenuThumb/11-10-2021-EC-Newnan-012.jpg?mtime=20211109141631
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be2b2ab5c47f2c0ae09a10d8618ede01f45a9d71053c3c178afd9cd0ce16baf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 20:35:56 GMT
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 10 Nov 2021 20:33:41 GMT
Server
AmazonS3
Age
118393
ETag
"9bf79799b8a9ababe301a1b83186278b"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
29745
X-Amz-Cf-Id
hKKx30GPDtc-znUMyQxZLJEu1WCPjH2xodCaGK_pyY9DtLb-VxuFYA==
Grantville-file-photo.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/grantville-council-meeting-ends-without-agenda-or-quorum/_articlePhotoFeatured/
39 KB
39 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/grantville-council-meeting-ends-without-agenda-or-quorum/_articlePhotoFeatured/Grantville-file-photo.jpg?mtime=20211109160418
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1091e2295930212d24d4e3a94e13ba1fed9a59b33b2997bccd1e0f678920b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 02:50:38 GMT
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 11 Nov 2021 02:26:07 GMT
Server
AmazonS3
Age
95911
ETag
"675d22512c2c18c7d09039e9659adee6"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
39895
X-Amz-Cf-Id
JvbRciYMwxPjW4J2Y3WUcJJxtGHVvWRti2Xh7qb_iDjwmJATo8Zzcg==
20211113-Marine-of-the-Year-372-w-pic.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/john-caldwell-named-coweta-fayette-marine-of-the-year/_articleInlineThumb/
3 KB
4 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/john-caldwell-named-coweta-fayette-marine-of-the-year/_articleInlineThumb/20211113-Marine-of-the-Year-372-w-pic.jpg?mtime=20211110122938
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8b7140dc41291d25aacedde3bb8a8444ab59cb993fb146beb0d1e830e5da1ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 02:50:38 GMT
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 11 Nov 2021 02:21:30 GMT
Server
AmazonS3
Age
95911
ETag
"6d677fa2853e6c6730797101a5c24c7d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
3448
X-Amz-Cf-Id
sfbmwpdvHGGm5YXNjV6VMTjoC0pAL3P7UX_ZgDsawzI8wkQh4flGkg==
20211106-authority-meter-jones.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/meter-shortage-impacting-coweta-water-authority/_articleInlineThumb/67802/
3 KB
3 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/meter-shortage-impacting-coweta-water-authority/_articleInlineThumb/67802/20211106-authority-meter-jones.jpg?mtime=20211109194117
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc591529831452815b49e6da1cbae54e7e5b735db677cb15179fef2c90e14764

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 03:26:15 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 10 Nov 2021 00:44:09 GMT
Server
AmazonS3
Age
180174
ETag
"a46545b4934b8365ce4fb9274f3f1685"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
2778
X-Amz-Cf-Id
NNutDMQ1x5NKUQkfGku_ZjSCKKF15Y1RLAF-z30_-GDBpYEDEULF2Q==
20211110-fiscsmallher-senior-rendering.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/county-denies-retirement-community-variances/_articleInlineThumb/67800/
3 KB
3 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/county-denies-retirement-community-variances/_articleInlineThumb/67800/20211110-fiscsmallher-senior-rendering.jpg?mtime=20211109191341
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
581b69c72c959619504267e69a81374230da12ed38f42be4574f2652609a08af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 03:26:15 GMT
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 10 Nov 2021 00:16:15 GMT
Server
AmazonS3
Age
180174
ETag
"6799e586e651d170748396569b0d2c64"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
2883
X-Amz-Cf-Id
hSR9_4ONh7qtDm2QGnVk3xRPb98uUHJCFUnSlB66AD7MoQwmQgcD1g==
20211110-justice-center.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/tax-relief-justice-center-repair-monument-request-before-commissioners/_articleInlineThumb/
4 KB
5 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/tax-relief-justice-center-repair-monument-request-before-commissioners/_articleInlineThumb/20211110-justice-center.jpg?mtime=20211109185836
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f97ca583d04035bbb0ea5f1f2f298abb9ae28dcc4261a93408aa0e931111300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 01:23:30 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 10 Nov 2021 00:03:43 GMT
Server
AmazonS3
Age
187539
ETag
"a82b41b024486ae940200a95f9cfecf9"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
4317
X-Amz-Cf-Id
dNwlA6S9hc5OdjO-MGLqmxYrWROhprtatV-0JT-NWDWRISU1elQtqw==
gray.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/newnan-welcomes-a-fine-dining-restaurant-graysons/_articlePhotoFeatured/
44 KB
44 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/newnan-welcomes-a-fine-dining-restaurant-graysons/_articlePhotoFeatured/gray.jpg?mtime=20211109110711
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eaf05ffc6bfa41c2699ff795f500138b0cc7d7a784068fffe68ecb1419fbfad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 16:47:24 GMT
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 16:09:37 GMT
Server
AmazonS3
Age
218505
ETag
"28061dcba909642102c3a3bae3f7cdf6"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
44835
X-Amz-Cf-Id
Nex5zC0T22cRKouqAYqzrJGwX_Cn7R84gtLs6vYG6_wxCK5nDTabGQ==
20211110-christmas-cards-1.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/bomber-girls-to-host-christmas-card-event-for-overseas-troops/_articleInlineThumb/
4 KB
5 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/bomber-girls-to-host-christmas-card-event-for-overseas-troops/_articleInlineThumb/20211110-christmas-cards-1.jpg?mtime=20211109161749
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca78fd91c1a8d1728a612132e65562f7d3a160787b839c99bbde20b21817dc01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 22:19:54 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 21:20:29 GMT
Server
AmazonS3
Age
198555
ETag
"66343f2e602c2ec113482ee2f7177d56"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
4339
X-Amz-Cf-Id
bqiWiES-qVQJGUEv5NppO9UaUtqpkYp8RFNLC2JTa02VngkysCdbrA==
20211110-wally-2.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/pet-of-the-week-wally/_articleInlineThumb/67791/
4 KB
4 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/pet-of-the-week-wally/_articleInlineThumb/67791/20211110-wally-2.jpg?mtime=20211109160246
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
991d7e36f53d764f4fc88913216d30390563febaba6f4d203b4cd86487d37c24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 22:19:53 GMT
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 21:05:42 GMT
Server
AmazonS3
Age
198556
ETag
"56b9f03c6a7701200029c167b17c57cc"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
3798
X-Amz-Cf-Id
X2jDFW4O4yTMldGqUCRHZ07CU-1WZoLwHQccAWfJTJwl_n-5pxkg6g==
Elijah-boyd-mug.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/swat-team-used-in-grantville-arrest/_articleInlineThumb/
3 KB
4 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/swat-team-used-in-grantville-arrest/_articleInlineThumb/Elijah-boyd-mug.jpg?mtime=20211109155924
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f3154bc00e1f14973185d5403f7ca44e2653f366faba400b367838bff8bbb24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 22:19:53 GMT
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 21:02:21 GMT
Server
AmazonS3
Age
198556
ETag
"b54ee3296d90f4c25c70be7d99fa4b92"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
3575
X-Amz-Cf-Id
LNRVzQ110dl-soxQGo3kLPYWhrohblPecYCg73N369zkSjQ-Hbh8oQ==
20211110-Veterans-Day-discounts-WEB.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/free-meals-discounts-offered-for-veterans-day/_articleInlineThumb/67750/
4 KB
5 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/free-meals-discounts-offered-for-veterans-day/_articleInlineThumb/67750/20211110-Veterans-Day-discounts-WEB.jpg?mtime=20211109113830
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66284ad51096fc9f9978a815c30ff954a45429a32ffcd2b07125cbdb36df269e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 16:47:24 GMT
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 16:45:45 GMT
Server
AmazonS3
Age
218504
ETag
"1c43cb5c40710647a5d7da00bca96add"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
4256
X-Amz-Cf-Id
YdnhFQ49hI7UYMtg0-BrsdYpGnAXPTlah0IFdv5_HgKPYPW0cEAJhQ==
20211103-NewnanLogo1.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/newnan-opens-arpa-application-process/_articleInlineThumb/
3 KB
4 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/newnan-opens-arpa-application-process/_articleInlineThumb/20211103-NewnanLogo1.jpg?mtime=20211109112426
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3710bca1a82a1b9d088cf05d2cca70cdf43852addd7c18d99970c225fc40d165

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 16:47:24 GMT
Via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 16:38:41 GMT
Server
AmazonS3
Age
218505
ETag
"679f1fe8e6ce884671c3c156a5b1bc3f"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
3478
X-Amz-Cf-Id
PwM9IAJTi54D9opOczk0uzvcZpUmWUb9KGj8Cy4_io7FFtRZr1Jjhg==
Fatal-Crash.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/deputy-uninjured-in-head-on-collision-by-suspected-dui-driver/_articleInlineThumb/67734/
3 KB
3 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/deputy-uninjured-in-head-on-collision-by-suspected-dui-driver/_articleInlineThumb/67734/Fatal-Crash.jpg?mtime=20211108174948
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88e90c3e90e0fb549774fedcc2f3546f15dcd369645b6f51d03cd8aa4eca67ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 03:20:55 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 08 Nov 2021 22:50:08 GMT
Server
AmazonS3
Age
266893
ETag
"010edd30e27d7502ab008d4a789eb674"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
2566
X-Amz-Cf-Id
4T8G76inSjwPQdBDaFM5CwfkLzbfYzHpIqxYwsbfqNnKorLINcOKAg==
20211110-SewellRotary1.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/coweta-looking-to-develop-land-its-way/_articleInlineThumb/
3 KB
4 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/coweta-looking-to-develop-land-its-way/_articleInlineThumb/20211110-SewellRotary1.jpg?mtime=20211108172227
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afb308bc7e35827ae006e8ebc5fbab50b898b20611718acd5675e4ea5ed3c92e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 22:38:51 GMT
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 08 Nov 2021 22:22:58 GMT
Server
AmazonS3
Age
283818
ETag
"02a0d7cb69bac1f4c454a7a8a8aee4bb"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
3575
X-Amz-Cf-Id
qpKSU9YafCIKF8NK2O9tezpPLRDOI1abo_plSSrMgJ-PKffosV2TzQ==
amelia.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/bells-and-whistles-fifth-grade-cancer-survivor-celebrated-at-heritage-trinity-game/_frontSectionTopStory/
17 KB
18 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/bells-and-whistles-fifth-grade-cancer-survivor-celebrated-at-heritage-trinity-game/_frontSectionTopStory/amelia.jpg?mtime=20211105151046
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4629772d4a038c916f6dfc82da625ce6f407ee97f7c336aa913a94f11e34c1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 06 Nov 2021 06:00:25 GMT
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 06 Nov 2021 05:17:05 GMT
Server
AmazonS3
Age
516524
ETag
"7745703b97b8a1f0cc01ae70b23a1ba1"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
17510
X-Amz-Cf-Id
YeMvghpLlxmgvQpPETRfGo7r7YKYe5QV_5NDPHkP7Rl9htuKwiu0iQ==
8864531220_f100a977c5_b.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/max-cleland-dead-at-79-biden-others-pay-tribute-to-american-hero/_frontSectionTopStory/
12 KB
13 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/max-cleland-dead-at-79-biden-others-pay-tribute-to-american-hero/_frontSectionTopStory/8864531220_f100a977c5_b.jpg?mtime=20211109113706
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8210d763175441267564bdd86d0a932c9313964155aca17f1df5b02d80ccf1b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 16:47:25 GMT
Via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Nov 2021 16:38:41 GMT
Server
AmazonS3
Age
218504
ETag
"6fa457f55161f7adf1dd5d1b72aa1624"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
12582
X-Amz-Cf-Id
lg0L8eo0NXKomJFaDquz6v7M3HRx2pw4rKu0SysUBBv-3amfbgcucA==
11-10-2021-EC-Newnan-012.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/east-coweta-wins-in-two-overtime-thriller/_frontSectionTopStory/
21 KB
21 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/east-coweta-wins-in-two-overtime-thriller/_frontSectionTopStory/11-10-2021-EC-Newnan-012.jpg?mtime=20211109141631
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa457267fd29dcf33428475a737156cf5805df40ee67bee8d7a7d309ca470765

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 20:56:00 GMT
Via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 10 Nov 2021 20:34:02 GMT
Server
AmazonS3
Age
117189
ETag
"76cd70a59b452591a22bc93f1343c71e"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
21291
X-Amz-Cf-Id
Uf5846xVO9jYi2DS7hA8gPdClQXOQq8nMQYlvvVmYfbdrWYWnK79ug==
20211110-WRES-1.jpg
d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/willis-road-celebrates-hispanic-heritage-month/_frontSectionTopStory/
21 KB
22 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/assets/photos/2021/willis-road-celebrates-hispanic-heritage-month/_frontSectionTopStory/20211110-WRES-1.jpg?mtime=20211108152526
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223e8d52292b6faa0ed8d7e5b757ad20ab11db496184c0b25b7733a21a0657d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 02:07:49 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 08 Nov 2021 20:28:06 GMT
Server
AmazonS3
Age
271280
ETag
"f72f027febd821ae88799ac92beb652b"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
21812
X-Amz-Cf-Id
zqy0mLbch0FPMELcV-aP84e8IyIO7dKD_RFKxPNKbw7mJqoiY5tWfA==
embedcode.php
embed.sendtonews.com/player2/
81 KB
26 KB
Script
General
Full URL
https://embed.sendtonews.com/player2/embedcode.php?fk=BxUBWx6L&cid=7795
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-208-58.compute-1.amazonaws.com
Software
Apache /
Resource Hash
70a794340737b2799b56919e27e430ba9c576b8484e8d93f6c3972f60b423f04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600, no-cache="set-cookie"
Connection
keep-alive
Content-Length
26263
Expires
Fri, 12 Nov 2021 06:29:08 GMT
embed.js
squareoffs.com/assets/
2 KB
3 KB
Script
General
Full URL
https://squareoffs.com/assets/embed.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Tue, 02 Nov 2021 19:49:56 GMT
server
Cowboy
age
83172
x-served-by
cache-dca12926-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694948.196273,VS0,VE0
content-length
2414
x-cache-hits
1, 1
gtm.js
www.googletagmanager.com/
95 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBP9TLT
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48bd13059915df71260813ff87c1db2be194b26305c9d173b0cb586627cadc95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37750
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Nov 2021 05:29:08 GMT
8f88e0b8a8c9e41112c9f7490a3adae9.js
d2s94cyhu2tzlj.cloudfront.net/prod/
184 KB
66 KB
Script
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/prod/8f88e0b8a8c9e41112c9f7490a3adae9.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f2c88715db2a0f68137f7997ada24031a865c804f07a5d089896b50c23c0736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 19:05:45 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 19 Oct 2020 13:35:38 GMT
Server
AmazonS3
Age
1419804
ETag
"73f60d4f33a0e64967b8777beeec3610"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
67428
X-Amz-Cf-Id
Jh46P_0TDGxY7L_0m3EeAYWm93OdcXtCl0L1VXlTVB4CA8OMqJVRGw==
embed.js
downloads.mailchimp.com/js/signup-forms/popup/
126 KB
46 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07442f2bc9e417e7e700d142493b5564d926d3b28a365632e87f9e0a1c992b70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:28:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Nov 2021 20:22:23 GMT
Server
AmazonS3
Age
25
ETag
W/"0685931cf1dde37f88e2e0520bb8fcdc"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
xG04pw_ABaEZnKt1snd8dVXycqnE0dZs0R711nNiltBcKQaz5cHpWQ==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
5n0uRshoZisje9CcrTdQhbfCe+gQ31+LDS9qTYctiDoU5o3+UZ6R5iXh0hmsfRY00xGYOJs9CichxT9aeWVdXw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 12 Nov 2021 05:29:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
nthmasthead.svg
d2s94cyhu2tzlj.cloudfront.net/static/global/
6 KB
3 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/static/global/nthmasthead.svg
Requested by
Host: d2s94cyhu2tzlj.cloudfront.net
URL: https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
662be1aec354405a1e75dd23df3c1e5b019ed17745e3832f1e564ebdfe070515

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 08:30:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 19 Aug 2015 17:55:49 GMT
Server
AmazonS3
Age
1112318
ETag
"9c32b7f3f0b178522e0e325151feab9f"
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Cache-Control
max-age=3153600
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
2209
X-Amz-Cf-Id
78Q97x7-gNzLXQtAuTZlAiJgES0E89LzHxkSqLoVx7zJrQI_GbBmVA==
col-rule.png
d2s94cyhu2tzlj.cloudfront.net/static/global/
934 B
1 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/static/global/col-rule.png
Requested by
Host: d2s94cyhu2tzlj.cloudfront.net
URL: https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2435386add96582c3e2deeb1ebfac41605d991f5863ff348c6c971e4de79fd96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 18:20:42 GMT
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 19 May 2015 15:21:05 GMT
Server
AmazonS3
Age
2891307
ETag
"c94e67a6254f0644b6ea8f638d7eb50a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age= 3153600
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
934
X-Amz-Cf-Id
IhNIDEmYOXj9REZ2oWITEDHB7J931ZIW3YNsQOy6POMREcbI-gLzcQ==
weather-icons.woff2
d2s94cyhu2tzlj.cloudfront.net/webfonts/weathericons/
42 KB
43 KB
Font
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/webfonts/weathericons/weather-icons.woff2
Requested by
Host: d2s94cyhu2tzlj.cloudfront.net
URL: https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91c556fc678409fcee869c4a660246f66a861908fcdfaff5b352ed3d90da1940

Request headers

Referer
https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 02 Sep 2021 09:59:37 GMT
Via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
Vary
Origin
Age
6118172
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43316
Last-Modified
Tue, 11 Aug 2015 15:21:48 GMT
Server
AmazonS3
ETag
"3be6ac3c95e47aeedb0fa5654fd68be9"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://times-herald.com
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
X-Amz-Cf-Id
8imy6zc5-7MJud47aybAbfdmr2-oMsNtuIlcqSorbkhMWWWBGXpGCA==
nth-fa-custom.woff
d2s94cyhu2tzlj.cloudfront.net/webfonts/nth-fa-custom/
5 KB
6 KB
Font
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/webfonts/nth-fa-custom/nth-fa-custom.woff?25767524
Requested by
Host: d2s94cyhu2tzlj.cloudfront.net
URL: https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05f3e95ba069fb772d08cd0f9ad4acc5f82d831bf33c336401d2480709e8c080

Request headers

Referer
https://d2s94cyhu2tzlj.cloudfront.net/prod/ea0bfe10cb598cc0e6dfe5f9e723e1b0.css
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 07:02:48 GMT
Via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
Vary
Origin
Age
24359181
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5516
Last-Modified
Thu, 27 Aug 2015 13:57:24 GMT
Server
AmazonS3
ETag
"2b8346732ed48c730fd7c4127cf56d5a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://times-herald.com
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
X-Amz-Cf-Id
5IQXpEDHE7SlYTd4AFWQCwzvqZsVYGai9FLi2MmSg9OXSgdasSIHMg==
/
player.sendtonews.com/version/
207 B
559 B
Script
General
Full URL
https://player.sendtonews.com/version/?jsonp
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=BxUBWx6L&cid=7795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
63c532c87ea8dcea9132f76536342b6b2cefcf2804dd3e32c475329b2e6322b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:24:54 GMT
content-encoding
gzip
server
Apache
age
254
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600, no-cache="set-cookie"
x-amz-cf-pop
FRA60-P4
content-length
180
via
1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-id
yZEPC6Fh0LjNQOPizwksj2RJ8qX7htvaZZkY_Y-SHTcgoXtbkbdlgA==
expires
Fri, 12 Nov 2021 05:34:54 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2990
etag
W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6acd5c63fe0b2bdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 05:29:08 GMT
5792.js
ad.broadstreetads.com/ndisplay/
1 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/ndisplay/5792.js
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
190bc06195a2bebf1bc07b2dcc1605a1cc8f0eb51e76be183a03f4f4117aadab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:08 GMT
Connection
keep-alive
Content-Length
1187
x-hostname
ip-10-154-142-108
content-type
application/javascript
21442
squareoffs.com/square_offs/ Frame 8460
57 KB
16 KB
Document
General
Full URL
https://squareoffs.com/square_offs/21442
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2c5366109a81134583eeb2834c0deeb514064ce1ba4c0e0948bd63fc69bc965e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosnif
X-Frame-Options ALLOWALL
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/

Response headers

server
Cowboy
x-frame-options
ALLOWALL
x-xss-protection
0
x-content-type-options
nosnif
cache-control
max-age=30, public
expires
Fri, 12 Nov 2021 05:29:38 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-request-method
*
etag
W/"2c5366109a81134583eeb2834c0deeb5"
x-request-id
168bd4d1-71b5-4d39-8ff8-d930fae85f7a
x-runtime
0.072084
content-encoding
gzip
via
1.1 vegur, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Fri, 12 Nov 2021 05:29:08 GMT
x-served-by
cache-dca17771-DCA, cache-fra19171-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1636694948.497408,VS0,VE175
vary
Accept-Encoding
strict-transport-security
max-age=300
post-robot.min.js
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/
35 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1499911
x-jsd-version
10.0.31
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6acd5c643b40d6b5-FRA
363111547455573
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/363111547455573?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0acb9c8e2e3b21b4e5f48f6eb5b3cac7149e724232e67bc6c273d83b14ec066e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
n8fT33TsbALhwApsjKslG5T8akpZgDI4D5YpppjfkqmYYU40vcPVpz2r2nAvnmZGo4g4hx0NiAE2kyORL2OSYg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 12 Nov 2021 05:29:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
load
experience.tinypass.com/xbuilder/experience/
3 KB
2 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=4bp4mEttTF
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd045dfe8ef608f8d54ae683d69c4e08749c96f28e1a40d993401c0a4572f8e3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Ckw1g2rdrOR
wn
prod-exp-10-0-130-6
last-modified
Fri, 12 Nov 2021 04:34:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6acd5c649c2205f5-FRA
expires
Fri, 12 Nov 2021 05:59:08 GMT
form-settings
mc.us12.list-manage.com/subscribe/
1 KB
2 KB
Script
General
Full URL
https://mc.us12.list-manage.com/subscribe/form-settings?u=72f29daac33de73c50c99c8bc&id=37f7b9474a&u=72f29daac33de73c50c99c8bc&id=37f7b9474a&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.101.44.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-44-28.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
1b172c33320977042fc6e37fd600373d29ae77eb1afd67e399a65f1a4a67bdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
167
date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=300
x-ua-compatible
IE=edge,chrome=1
content-length
793
expires
Fri, 12 Nov 2021 05:34:08 GMT
l
use.typekit.net/af/86cd00/00000000000000003b9aec1f/27/
14 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/86cd00/00000000000000003b9aec1f/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n7&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9ffc522475e2de27b5bf1d3e219a1701265e0fc639b5313626ddb041ebd3872d

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"4e5f6daa9c3fb146b0071421a3b025bc144189d2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14756
l
use.typekit.net/af/05ec1c/00000000000000003b9aec29/27/
14 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/05ec1c/00000000000000003b9aec29/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n6&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
137ff45ced6e6b7a4ead6d15d218769a5fd10d4a08ce6b68936e4a029b72b8f8

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"0c03d466527ba65308822129f66f0ee8887ed470"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14396
l
use.typekit.net/af/c46c3a/00000000000000003b9aec23/27/
14 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/c46c3a/00000000000000003b9aec23/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n3&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d17c4fb02d2990b4e2c5d7dbf85041145f5fa81f576a02b180aadeaf3df060c

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"f1043f05469dc3693b9c360e7983339be5bb4730"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14380
l
use.typekit.net/af/de0ac1/000000000000000000013146/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/de0ac1/000000000000000000013146/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n4&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
006dfcbdd4e2e23ab1a3f0415b9ede78173efe2e0476b43c4ad95a8d481b6c96

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"9d91ee80bcc5507543ccee1e4a8ba9509733c9c3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23684
l
use.typekit.net/af/3f55d3/00000000000000000001313f/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/3f55d3/00000000000000000001313f/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n7&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
827fc7cb94efc75845045480ec2a9a7723b6157ec678cae0029fad2155ecc67f

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"86045b1404ff31a873d2389f09a55fd139f88f9c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23732
l
use.typekit.net/af/02f053/00000000000000000001302c/27/
23 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/02f053/00000000000000000001302c/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n6&v=3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3555d0ef36a1e60c440af1a787b4c3c094370c4c2dcb18dce0c3d5c29358414b

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
server
nginx
etag
"e4d84c4c621304a1ff8123a1a43a5547941e652d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24044
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9TLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5314
date
Fri, 12 Nov 2021 04:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Nov 2021 06:00:34 GMT
player.js
player.sendtonews.com/player7/player/65.21.7/ Frame 5294
239 KB
72 KB
Script
General
Full URL
https://player.sendtonews.com/player7/player/65.21.7/player.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=BxUBWx6L&cid=7795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1f57283f1effa064246ba12189917ca27257218dc007962791c399a067753a69

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:26:25 GMT
content-encoding
gzip
age
163
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 04 Nov 2021 01:34:19 GMT
server
Apache
etag
"3bdb4-5cfec867b1cc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 02cd8164e89a1598d410a9198582d47d.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-cache="set-cookie"
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
-BF3cfKxJuFXBhYhmCk6XxCmpE_9uYMdopNpexsQCJr0Jl9TJTckeg==
expires
Fri, 12 Nov 2021 06:26:25 GMT
web
onesignal.com/api/v1/sync/f1b2d330-0153-4b42-b0d8-3f7b0cb52493/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/f1b2d330-0153-4b42-b0d8-3f7b0cb52493/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12cb22da0710689f532ad62a3a154d27021dc0c424367d4c1269447499e507ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200 OK
x-envoy-upstream-service-time
27
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b2261844-8ab8-4222-94d4-a9dc82a7537b
x-runtime
0.026192
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"12cb22da0710689f532ad62a3a154d27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6acd5c650f322bdd-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 12 Nov 2021 06:29:08 GMT
p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=axy8tgd&ht=tk&h=times-herald.com&f=139.173.5474.9869.9871.18190&a=83428305&js=1.20.0&app=typekit&e=js&_=1636694948267
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
last-modified
Wed, 02 Sep 2020 03:58:21 GMT
server
nginx
etag
"5f4f185d-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1586629529&t=pageview&_s=1&dl=https%3A%2F%2Ftimes-herald.com%2F&ul=en-us&de=UTF-8&dt=The%20Newnan%20Times-Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=18936759&gjid=1401408280&cid=337475894.1636694948&tid=UA-134257521-1&_gid=107204986.1636694948&_r=1&gtm=2wgba1KBP9TLT&z=1290393970
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=363111547455573&ev=PageView&dl=https%3A%2F%2Ftimes-herald.com%2F&rl=&if=false&ts=1636694948337&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636694948334.1840821239&it=1636694948108&coo=false&exp=p0&rqm=GET
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 12 Nov 2021 05:29:08 GMT
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-134257521-1&cid=337475894.1636694948&jid=18936759&gjid=1401408280&_gid=107204986.1636694948&_u=YEBAAAAAAAAAAC~&z=648592360
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Nov 2021 05:29:08 GMT
content-type
text/plain
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
squareoffs.com/assets/square_offs/ Frame 8460
813 KB
163 KB
Stylesheet
General
Full URL
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
387a7f151716f87d8428dec2ad8d20ed98939e957d1ee2f66670d7930893652d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
212901
x-cache
HIT, HIT
content-encoding
gzip
content-length
166399
x-served-by
cache-dca17748-DCA, cache-fra19171-FRA
last-modified
Tue, 20 Jul 2021 22:30:20 GMT
server
Cowboy
x-timer
S1636694949.749677,VS0,VE1
strict-transport-security
max-age=300
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
x-cache-hits
1, 1
pa-5f34403c146aea001500088f.js
rum-static.pingdom.net/ Frame 8460
6 KB
3 KB
Script
General
Full URL
https://rum-static.pingdom.net/pa-5f34403c146aea001500088f.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18c8696764b459f2852bb672fe2e5e84920c13325840f3c9ce7e0ecb018630d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 11 May 2021 14:01:36 GMT
server
cloudflare
etag
W/"609a8e40-1852"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6acd5c65ef324303-FRA
expires
Fri, 12 Nov 2021 05:34:08 GMT
download.jpg
assets.squareoffs.com/profiles/avatars/1573269/large/1634078940/ Frame 8460
4 KB
4 KB
Image
General
Full URL
https://assets.squareoffs.com/profiles/avatars/1573269/large/1634078940/download.jpg?1634078940
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
968bb33d346e841f43ef36dc46d92b1529667f4bea4522ef4b3f5f3cfd2c1dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=7921 idim=400x400 ifmt=jpeg ofsz=3874 odim=400x400 ofmt=webp
fastly-stats
io=1
content-length
3874
x-amz-id-2
gTUxn0Px11nXIxRbDv4tc0/bQVipH0aeFArHcwrNkXB8Ax6z4OnBYd8L0dmtBPIODf+E3nx55SQ=
x-served-by
cache-dca17755-DCA, cache-fra19121-FRA
server
AmazonS3
x-timer
S1636694949.864234,VS0,VE89
etag
"+7vSfKf24D4KpSRIwKgksgp/zJfK44r0eFLfvkQjPv0"
vary
Accept
x-amz-request-id
MZPN0KGX1SQBZR6B
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg
squareoffs.com/assets/ Frame 8460
2 KB
2 KB
Image
General
Full URL
https://squareoffs.com/assets/white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
594633
x-served-by
cache-dca17747-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.794583,VS0,VE1
content-length
1639
x-cache-hits
1, 1
comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg
squareoffs.com/assets/ Frame 8460
952 B
1 KB
Image
General
Full URL
https://squareoffs.com/assets/comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
158078
x-served-by
cache-dca17735-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.795284,VS0,VE1
content-length
952
x-cache-hits
1, 1
SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg
squareoffs.com/assets/ Frame 8460
581 B
701 B
Image
General
Full URL
https://squareoffs.com/assets/SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Fri, 29 May 2020 23:34:00 GMT
server
Cowboy
age
350420
x-served-by
cache-dca17737-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.795340,VS0,VE1
content-length
581
x-cache-hits
1, 1
data
assets.squareoffs.com/profiles/avatars/1574390/thumb/1636635535/ Frame 8460
252 B
668 B
Image
General
Full URL
https://assets.squareoffs.com/profiles/avatars/1574390/thumb/1636635535/data?1636635535
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a02055bc0120f18ffc9878ec1dc0f672380f9314b8d393208d276bae99dfe557

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=598 idim=48x48 ifmt=png ofsz=252 odim=48x48 ofmt=webp
fastly-stats
io=1
content-length
252
x-amz-id-2
m37oFNywYmrNlnPU79fKV02Lda5s+0CBctJTD8j+eaugwQ1jLc8nqVGKZJvES4vMvrniZiXeIP4=
x-served-by
cache-dca12923-DCA, cache-fra19121-FRA
server
AmazonS3
x-timer
S1636694949.864293,VS0,VE88
etag
"JuSmooNhOrU1Idn9l934bQfQk2e+0x9WSIxfzATED7M"
vary
Accept
x-amz-request-id
3VV0KHH1EHEYKP5E
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
quote_15x29-bb59c96162ef122895d28efcb5b80b483cf15582fade93b8597eb9f6a3bc96d4.svg
squareoffs.com/assets/ Frame 8460
588 B
685 B
Image
General
Full URL
https://squareoffs.com/assets/quote_15x29-bb59c96162ef122895d28efcb5b80b483cf15582fade93b8597eb9f6a3bc96d4.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
bb59c96162ef122895d28efcb5b80b483cf15582fade93b8597eb9f6a3bc96d4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
158799
x-served-by
cache-dca17733-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.795584,VS0,VE1
content-length
588
x-cache-hits
1, 1
data
assets.squareoffs.com/profiles/avatars/1574375/thumb/1636574124/ Frame 8460
494 B
751 B
Image
General
Full URL
https://assets.squareoffs.com/profiles/avatars/1574375/thumb/1636574124/data?1636574124
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
741a8f6f62f6d725ff2491b6d5b9099b17d5eae7c7bc78ed1d75c849171ed66e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=1033 idim=48x48 ifmt=png ofsz=494 odim=48x48 ofmt=webp
fastly-stats
io=1
content-length
494
x-amz-id-2
3q+GuLmaO3XciH5PmsoulF1VLacDYaXc71gjORnWGR9nBF3ZeDcLJHWieqBBvocJY4N587BatVw=
x-served-by
cache-dca17723-DCA, cache-fra19121-FRA
server
AmazonS3
x-timer
S1636694949.864509,VS0,VE92
etag
"yg1apKTX6Orla5YjKq1XTRb/YEC23d74KQbEm0OpDmE"
vary
Accept
x-amz-request-id
G3AWENH4H89XPYNN
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png
squareoffs.com/assets/ Frame 8460
918 B
1 KB
Image
General
Full URL
https://squareoffs.com/assets/squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
0c1a06dcea4b23f87b80587a7a2f8e1d74c4ec7d6607d536b1dff2e8580129f8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
age
2504182
x-cache
HIT, HIT
fastly-io-info
ifsz=1676 idim=35x34 ifmt=png ofsz=918 odim=35x34 ofmt=webp
fastly-stats
io=1
content-length
918
x-served-by
cache-dca17720-DCA, cache-fra19171-FRA
server
Cowboy
x-timer
S1636694949.795635,VS0,VE1
etag
"+JgykenlQOzRLysGzC4Yykey2WxDfNwTAwQxZqwCxlE"
vary
Accept
strict-transport-security
max-age=300
content-type
image/webp
cache-control
max-age=2592000, public
accept-ranges
bytes
x-cache-hits
1, 1
post-robot.min.js
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/ Frame 8460
35 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1499911
x-jsd-version
10.0.31
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6acd5c65fcd4d6b5-FRA
embedded_square_off-e9dcd362fc7e0369ee7d6c33bed757ac80d7f5ede16fae9b6d4a72c1c2dc6d32.js
squareoffs.com/assets/ Frame 8460
375 KB
110 KB
Script
General
Full URL
https://squareoffs.com/assets/embedded_square_off-e9dcd362fc7e0369ee7d6c33bed757ac80d7f5ede16fae9b6d4a72c1c2dc6d32.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
e9dcd362fc7e0369ee7d6c33bed757ac80d7f5ede16fae9b6d4a72c1c2dc6d32
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
76913
x-cache
HIT, HIT
content-encoding
gzip
content-length
112392
x-served-by
cache-dca12921-DCA, cache-fra19171-FRA
last-modified
Wed, 24 Mar 2021 01:56:06 GMT
server
Cowboy
x-timer
S1636694949.794507,VS0,VE1
strict-transport-security
max-age=300
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
x-cache-hits
1, 1
187621-164323601241456.js
js-sec.indexww.com/ht/p/ Frame 5294
39 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 04:36:55 GMT
Server
Apache
ETag
"da218d-9a4f-5d090024a9820"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=732
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Fri, 12 Nov 2021 05:41:20 GMT
data_read.php
embed.sendtonews.com/player4/ Frame 5294
41 KB
8 KB
XHR
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=5Ly84TZuwEdyoIyi&instance=886404&version=65.21.7&age=211112&ESG_key=BxUBWx6L&type=full&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&ogSet=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-208-58.compute-1.amazonaws.com
Software
Apache /
Resource Hash
24a5221f6ad7101792858297af0895a737ca1449147d9efff12f80211c55a824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1, no-cache="set-cookie"
Connection
keep-alive
Content-Length
7671
Expires
Fri, 12 Nov 2021 05:29:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5294
368 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 12 Nov 2021 05:29:08 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 5294
524 KB
121 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
597111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
123688
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-8304e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfCcU1%2BAwSouqhmIKvJHGYdVsdbKyoF%2FOzmQBxCBcI6Oc2LbuufiidI7vo1B6%2FbDQV3RQo1smE9U4oNaVav6vpCjYdXAGgpgHjvr16sV3CZrn5nClj6h6sG2woQqjuTXdWcyHdcIG0W6aRWT2TxcEfEM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6acd5c660a8b4e3e-FRA
expires
Wed, 02 Nov 2022 05:29:08 GMT
iscroll.min.js
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame 5294
32 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3751925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7559
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-80dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ar91TVM2ax0vNOSeRV%2FPIvsGaJzOrLbPZatZwTEYjRwhjlgb2bho9utOiHZ3fSOyiKRJGsI5k7AHsR%2F1Ce0IVDb3NSMvVHAgEmkHN9RI9mFaLZhaRZbrDPcolE2oEaYYKZAO9Ip6EOIc7qckbvu5RjoK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6acd5c660a8d4e3e-FRA
expires
Wed, 02 Nov 2022 05:29:08 GMT
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 5294
335 KB
335 KB
Script
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 18:29:38 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
39574
etag
"4a51b8991a6b67323936c2eb62e3518e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
342796
x-amz-cf-id
904EbfAFLzlcPIVGI3rNg3C-lhQaCC8EhiHvFY0itEAvqDR8T9rCxw==
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/ Frame 5294
230 KB
73 KB
Script
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:19:37 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 16:52:33 GMT
server
AmazonS3
age
4179
etag
W/"0d9ef44ff3701f373f18205e7e1bc16a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
5uZ4OcwqbEs4FfFX1JfI0nBs9UHIMHtYdJED2_itMG9Zg1hYoMrUxQ==
css
fonts.googleapis.com/ Frame 5294
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 04:26:06 GMT
server
ESF
date
Fri, 12 Nov 2021 05:29:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 05:29:08 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 5294
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1224576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9062
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-9c87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF6bCGzrWpvbYSBiS2t5xiHS1Uv9JpEWy34LxBOg7tUSZTcl3hkcymv8AlIZlRaUO6jcPGakpEIyKyODI6QiVaLN0HFOqxx7Vtwlpy9610BXv%2Bcewk2MT%2FiL%2BuzP739oEfBUSNXkVUs7q%2FHHhAr796Aq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6acd5c660a894e3e-FRA
expires
Wed, 02 Nov 2022 05:29:08 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 5294
26 B
187 B
Image
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=5Ly84TZuwEdyoIyi&instance=886404&version=65.21.7&age=211112&cmd=PRE_INIT&key=BxUBWx6L&order=1&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&canonical=https://times-herald.com/
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-5-11.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
tinypass.min.js
cdn.tinypass.com/api/
395 KB
123 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=4bp4mEttTF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050b148131dfe07343c59b0638b6ee9e1357c61734b00c436183c7ec1810263b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn
prod-dash-10-0-132-103
last-modified
Thu, 11 Nov 2021 14:27:42 GMT
server
cloudflare
etag
W/"404565-1636640862000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=7200
cf-ray
6acd5c663e3205f5-FRA
expires
Fri, 12 Nov 2021 07:29:08 GMT
Logo-343c6a748ac336ca96afdf9d72fdeb3d70f1478434f3566ae459fd1707da8d18.svg
squareoffs.com/assets/ Frame 8460
8 KB
8 KB
Image
General
Full URL
https://squareoffs.com/assets/Logo-343c6a748ac336ca96afdf9d72fdeb3d70f1478434f3566ae459fd1707da8d18.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
343c6a748ac336ca96afdf9d72fdeb3d70f1478434f3566ae459fd1707da8d18
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/square_offs/21442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
604576
x-served-by
cache-dca17769-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.813400,VS0,VE1
content-length
7797
x-cache-hits
1, 1
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-134257521-1&cid=337475894.1636694948&jid=18936759&_u=YEBAAAAAAAAAAC~&z=1142648930
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-134257521-1&cid=337475894.1636694948&jid=18936759&_u=YEBAAAAAAAAAAC~&z=1142648930
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 8460
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5314
date
Fri, 12 Nov 2021 04:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Nov 2021 06:00:34 GMT
quant.js
secure.quantserve.com/ Frame 8460
0
0

proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff
squareoffs.com/assets/ Frame 8460
23 KB
24 KB
Font
General
Full URL
https://squareoffs.com/assets/proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Origin
https://squareoffs.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
83153
x-served-by
cache-dca17750-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.950723,VS0,VE1
content-length
23956
x-cache-hits
1, 1
share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg
squareoffs.com/assets/ Frame 8460
965 B
1 KB
Image
General
Full URL
https://squareoffs.com/assets/share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
84971
x-served-by
cache-dca17722-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.968515,VS0,VE1
content-length
965
x-cache-hits
1, 1
proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff
squareoffs.com/assets/ Frame 8460
26 KB
26 KB
Font
General
Full URL
https://squareoffs.com/assets/proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Origin
https://squareoffs.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
364216
x-served-by
cache-dca17748-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.969369,VS0,VE1
content-length
26400
x-cache-hits
1, 1
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
squareoffs.com/assets/ Frame 8460
75 KB
76 KB
Font
General
Full URL
https://squareoffs.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Origin
https://squareoffs.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:21:35 GMT
server
Cowboy
age
419079
x-served-by
cache-dca17782-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff2
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.969598,VS0,VE0
content-length
77160
x-cache-hits
2, 10
proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2
squareoffs.com/assets/ Frame 8460
20 KB
20 KB
Font
General
Full URL
https://squareoffs.com/assets/proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/square_offs/embeds-fb800dfa34a15a03607c5580d368033cdc9e250f73fbbcdc2b45b75f41b8af00.css
Origin
https://squareoffs.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:08 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
553915
x-served-by
cache-dca17744-DCA, cache-fra19171-FRA
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff2
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1636694949.969736,VS0,VE1
content-length
20784
x-cache-hits
1, 1
popup.js
downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/
100 KB
31 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
650e65709312c691110957b8a8cc1609ac7b5685f265e1e06f389d271da4fedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:28:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 May 2020 15:07:49 GMT
Server
AmazonS3
Age
75
ETag
W/"9e882a863f24e02737da75af35a34ee6"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
WP3aZkFYTZemRZxeFnVBrH420QPzfQv3wCSlDpOO1Ur-yldtRCy2Qw==
rid
match.adsrvr.org/track/ Frame 5294
109 B
544 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
c57abf22db8651e54c067baf23d8d877406e0db419922e853a5faa9696fc834f

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://times-herald.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 12 Dec 2021 05:29:09 GMT
/
id.sv.rkdms.com/identity/ Frame 5294
2 B
167 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=times-herald.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.5.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-5-56.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://times-herald.com
date
Fri, 12 Nov 2021 05:29:09 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ Frame 5294
44 B
328 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://times-herald.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
update
squareoffs.com/embed_stats/ Frame 8460
0
880 B
XHR
General
Full URL
https://squareoffs.com/embed_stats/update
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/square_offs/21442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosnif
X-Frame-Options ALLOWALL
X-Xss-Protection 0

Request headers

X-NewRelic-ID
VgYAVFFWGwIEUVhaDwg=
X-CSRF-Token
VlHfqg+WbJglCtBJ94tYi9UchNPY7+dfLMV7Yt4nZWyQmP097FfAv4CimYyHALpUcfwYODdORIlavHnheKykWg==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://squareoffs.com/square_offs/21442
X-Requested-With
XMLHttpRequest

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
access-control-request-method
*
x-content-type-options
nosnif
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-xss-protection
0
x-request-id
11f068f2-c413-4d7f-8aa7-4d7116845c8e
x-served-by
cache-dca17779-DCA, cache-fra19171-FRA
x-runtime
0.014305
x-newrelic-app-data
PxQFUVFWDwYTVVVXDgkPX0YdFHANCBcQXw5UB0oXUV9RAF0+QhVSFhcZQhECAkxWEkhRTAcBBVRcBQYBUFRWVwZTDVALDAAeA0sJUARSB1dUDwFUXlsJAARTV1QbHAZKRgMOAVVeVgAEVVtaDVsFUQNHFQdQDUAHOQ==
server
Cowboy
x-timer
S1636694949.150947,VS0,VE111
x-frame-options
ALLOWALL
strict-transport-security
max-age=300
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 05:29:39 GMT
cache-control
max-age=30, public
accept-ranges
bytes
x-cache-hits
0, 0
cx.cce.js
cdn.cxense.com/
22 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Fri, 12 Nov 2021 06:29:09 GMT
execute
c2.piano.io/xbuilder/experience/
3 KB
2 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=4bp4mEttTF
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fea3a167c05831b15a1d88b3f273a54afc56d9d590ae9a9b82416c535c295ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
0dngiqd6op
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6acd5c68b9376928-FRA
get.js
buy.tinypass.com/api/v3/anon/captcha/
153 B
416 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=4bp4mEttTF
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716d7ed46b92f75d5ceaa85e20f49ef8c60dabb7e9b5b037183a16bea902f314
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Clw1g2rKHuL
pragma
wn
prod-dash-10-0-94-165
last-modified
Fri, 12 Nov 2021 04:55:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.012
cache-control
public, max-age=1200
cf-ray
6acd5c68990e05f5-FRA
expires
Fri, 12 Nov 2021 05:49:09 GMT
9cc27608-a02c-40f0-8072-8db97647a1ce
https://times-herald.com/ Frame 5294
31 B
0
Other
General
Full URL
blob:https://times-herald.com/9cc27608-a02c-40f0-8072-8db97647a1ce
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
70681.js
ad.broadstreetads.com/zdisplay/
4 KB
4 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/70681.js?b=&kw=friday&skw=true&ts=1636694948070&target=street-tdwbyumbj4
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
1ea627eba935354a841bd4ae0131cb2f88148c972dd94eb2df2e5c2a95f531be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Connection
keep-alive
transfer-encoding
chunked
x-hostname
ip-10-154-142-108
content-type
application/javascript
common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 75D7
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 May 2020 15:07:51 GMT
Server
AmazonS3
Age
4
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
QNnKmlR9ojRYJ2AUz135I84bxS5dsPo6vW0Ct_Tm7kjI-g3AaHawIg==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 75D7
1005 B
943 B
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:28:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 May 2020 15:07:52 GMT
Server
AmazonS3
Age
20
ETag
W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
vUrwBs4pfkbHhPW7kyVhIcnQIIP8UzCsyc8AMjaoFvwq216eDtlLKQ==
common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 32B5
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 May 2020 15:07:51 GMT
Server
AmazonS3
Age
8
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
isBJ6co9Me9Ft_WmSafl93nePIkbBQ-kZqcRkr2DZ0k_okhAWoJksA==
layout-1.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 32B5
804 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-1.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60defd0229880a6f78696fcf8e687f94e43fc8bb5ff66028e23e546d0345d2f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:28:16 GMT
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Last-Modified
Fri, 22 May 2020 15:07:51 GMT
Server
AmazonS3
Age
72
ETag
"33e182d2957d66f0239c291b39120c17"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
804
X-Amz-Cf-Id
pOD0T-stqCT9Qa2b7nkh4hdVjK0X1VistIiJ51JGiDUq7_sI1-EGVQ==
modal.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/
3 KB
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:28:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 May 2020 15:07:52 GMT
Server
AmazonS3
Age
37
ETag
W/"4cb20646e6160144096c6e61f322a18b"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
ZPDwbistQE_u2FzWoJCOKIXx7eGtnypaC3Q8NluABKYeI9Kjmo2zug==
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=363111547455573&ev=Microdata&dl=https%3A%2F%2Ftimes-herald.com%2F&rl=&if=false&ts=1636694948912&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Newnan%20Times-Herald%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22The%20Newnan%20Times-Herald%22%2C%22og%3Asite_name%22%3A%22The%20Newnan%20Times-Herald%22%2C%22og%3Adescription%22%3A%22Local%20news%20and%20information%20from%20The%20Newnan%20Times-Herald%20in%20Newnan%2C%20Georgia.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd2s94cyhu2tzlj.cloudfront.net%2Fstatic%2Fglobal%2Fog-logo-default.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22300%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftimes-herald.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636694948334.1840821239&it=1636694948108&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 12 Nov 2021 05:29:09 GMT
data_read.php
embed.sendtonews.com/player4/ Frame 5294
31 KB
7 KB
XHR
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=5Ly84TZuwEdyoIyi&instance=886404&version=65.21.7&age=211112&ESG_key=f9GyrBkw&type=full&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&ogSet=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-208-58.compute-1.amazonaws.com
Software
Apache /
Resource Hash
06504ec91ab3d2fe8a4c20bb19f5db129010affaa0628be25d64eed6a031c4f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1, no-cache="set-cookie"
Connection
keep-alive
Content-Length
6852
Expires
Fri, 12 Nov 2021 05:29:10 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 5294
26 B
186 B
Image
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=5Ly84TZuwEdyoIyi&instance=886404&version=65.21.7&age=211112&cmd=PRE_INIT&key=BxUBWx6L&order=2&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&canonical=https://times-herald.com/
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-5-11.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ Frame 5294
3 KB
1 KB
Script
General
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
bf1eb99c30d828154b1f083be6b4bde59bea2d9566b481462c642851991b16e3

Request headers

Referer
https://times-herald.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:54:48 GMT
content-encoding
gzip
age
2061
x-cache
Hit from cloudfront
content-length
1032
access-control-allow-origin
*
last-modified
Fri, 10 Sep 2021 22:58:48 GMT
server
Apache
etag
"a9c-5cbac0ee11a00-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 02cd8164e89a1598d410a9198582d47d.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
lR-eoi2ALaOpBRov3ZrGyru_kvXah6hc0DVdUU-oYA0XrrfdV8ZVaA==
expires
Fri, 12 Nov 2021 05:54:41 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 5294
0
169 B
Script
General
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
6acd5c698e094ea3-FRA
date
Fri, 12 Nov 2021 05:29:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 5294
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:21:35 GMT
x-content-type-options
nosniff
age
47254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 16:21:35 GMT
50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35c1ad13060bba557c2bb9b75824da0245c9fc6d0fe56d0e5c507c9be827cd5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:41:05 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 04:41:03 GMT
server
AmazonS3
age
2885
etag
"bca4f36ac61ea06df81108134d7da7b7"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2250
x-amz-cf-id
xehknKNRbIPvG3s48P-Gif5FiLcNOoG77G14f20lPJ_j-DlNfH65TA==
qcojidsu33t7ucx8haxk6be6liolhe61.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/qcojidsu33t7ucx8haxk6be6liolhe61.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b249f71ddc55b91f541e187dfae13730aee8676be99baa23c9188b17691f5319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:40:01 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 04:31:05 GMT
server
AmazonS3
age
3453
etag
"2bd984600bb8a0de53a8717e79fac4cc"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2420
x-amz-cf-id
K4OX3SioZl_vgpS0fiAcxv5IhgJmr-HMAmt-imLCWY0_HHjgJypCAA==
qhvqfuw5p6bibemy69v9pplhv8msdu67.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/qhvqfuw5p6bibemy69v9pplhv8msdu67.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d62fc75ea85ec70ab5dffeeeccfa4ee1e0fe2d5baa3beb8b5a3ed62769fc3f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:40:01 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Wed, 10 Nov 2021 04:31:03 GMT
server
AmazonS3
age
14279
etag
"10193cfc1a57d06b0474bbf01cd10c00"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2422
x-amz-cf-id
eEL3BsjRU8MXiYPPvwTD1DE2Bx6SU1KLim40JQuVjZG_oP6I4itmxQ==
49ilzl4ag3dxj3zdfz8zcjcraof4hkf5.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/49ilzl4ag3dxj3zdfz8zcjcraof4hkf5.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08ed458f82f64909d713a755ddcd69142e7d508b99033f662d4d83513118e3ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:23:36 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 04:01:02 GMT
server
AmazonS3
age
4160
etag
"4e0df73200992f51b9115c7a6cf45709"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2346
x-amz-cf-id
g9ru9mLFBCFzwUB25XDEc4-JlE6tVS7L98Cu0zNJDfeCDq7qEE_EDA==
7elcse2iimi1gpb0pis14izwhpf4sy2f.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
3 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/7elcse2iimi1gpb0pis14izwhpf4sy2f.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b1fd3a4c261d49722d1f81c39f4bb3dbe21d59c76538b6e17701af181c98c07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:04:41 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Sat, 06 Nov 2021 03:11:02 GMT
server
AmazonS3
age
12887
etag
"4d3d79651908b4396eeb362a3a052ea4"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2605
x-amz-cf-id
Fy22J9G2j66lBIXAhVwZvmFqG4Iqr1RODnOm9nMTOSTG4ine92Bc9g==
zyolmtc50jnhy1tooj2or8pw2ebptaz6.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/zyolmtc50jnhy1tooj2or8pw2ebptaz6.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32ee23f97d4f0a488396e1c55e6821394dbb1dcec920f4e5227c575e36d2024c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:15:35 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 02:46:05 GMT
server
AmazonS3
age
11912
etag
"698164c81bd33f830b25afbd9a4abc91"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2459
x-amz-cf-id
DzFJCzrHIEcHC4vvLn2geMN663XsJ76R84n7rKk2OlWrZE3WsadDiQ==
8i51cmm5m9hat5s28m4rvcj41h6e1365.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/8i51cmm5m9hat5s28m4rvcj41h6e1365.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a38d9553b887014c29c7dbc697ba3283256d61127c05fdb7187974af8f6e5db9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 05:39:09 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 03:16:03 GMT
server
AmazonS3
age
85801
etag
"4e6e30626a7d52b921ef1505bf7774fa"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2483
x-amz-cf-id
65sJXZDyXyLCNG7hEGlVqdnlW3cBvhN7fcPeQpUIlzTmVJER7DTL7g==
qmsnbqcvl8ddsxwefrgh5z9i12ps0aia.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
2 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/qmsnbqcvl8ddsxwefrgh5z9i12ps0aia.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0e81e43883c7c84e882f56c98339b4a6555918aef155d2d4aa701f5c6ee797a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 06:17:27 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Wed, 03 Nov 2021 18:41:03 GMT
server
AmazonS3
age
83503
etag
"4caa7ddfe9f74b629a4211f879c4e89c"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2103
x-amz-cf-id
WYfSJ5B4lbvS33Rn4cSaZx_HZCDlPUUMl30PQvUGdtg6sGOxB_T_nA==
d4r5musxri508ndxpz6bl57k7ehywfnz.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/d4r5musxri508ndxpz6bl57k7ehywfnz.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d69717c6953d5ba7398fabfdd38108d65b0cbcbc85a5d64ecf8403ec06910c4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 08:24:38 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Wed, 03 Nov 2021 07:26:03 GMT
server
AmazonS3
age
75871
etag
"98fe5845cee9cc5882c58c009a9fe1df"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2377
x-amz-cf-id
BrUtgxxycnoyoj2U5_LxDelAU8MJDiEc2PCo7W5a8VKr97RW9S-RpA==
ugtcrwp8uf01owg8b8pagcg1bfwvbr8k.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 5294
2 KB
3 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ugtcrwp8uf01owg8b8pagcg1bfwvbr8k.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d69717c6953d5ba7398fabfdd38108d65b0cbcbc85a5d64ecf8403ec06910c4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 06:17:27 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Wed, 03 Nov 2021 07:21:03 GMT
server
AmazonS3
age
83503
etag
"98fe5845cee9cc5882c58c009a9fe1df"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2377
x-amz-cf-id
KaWPZ0ftL6VKuLlfCT2YbfbNOaZnjQHIe5-Lic2q5tVXZrxLsQk8Vg==
truncated
/ Frame 5294
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 5294
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://times-herald.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:21:35 GMT
x-content-type-options
nosniff
age
47254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 16:21:35 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame CC09
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Wed, 10 Nov 2021 22:24:04 GMT
expires
Thu, 10 Nov 2022 22:24:04 GMT
last-modified
Wed, 10 Nov 2021 22:20:22 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
111905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
data_stn_l.php
timber.sendtonews.com/timber/ Frame 5294
0
253 B
XHR
General
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=BxUBWx6L&ES_key=BxUBWx6L&ES_ID=15412&S_RKEY=0&USR_ID=297886404&ST_usrKey=5Ly84TZuwEdyoIyi&SM_ID=0&C_ID=7795&C_companyName=BENN%20Solutions&version=650210070&sC_ID=0&AC_ID=2010&TYPE=FULL&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&PLAYERWIDTH=790&PLAYERCODE=NVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.207.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-207-51.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
0
Expires
Fri, 12 Nov 2021 05:29:10 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 5294
26 B
186 B
Image
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=5Ly84TZuwEdyoIyi&instance=297886404&version=65.21.7&age=211112&cmd=GET&key=BxUBWx6L&c_id=7795&seq=0&order=3&EXTREF=https://times-herald.com/&REF=https://times-herald.com/&playerCfg=FP&canonical=https://times-herald.com/
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-5-11.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
client.js
s0.2mdn.net/instream/video/ Frame 5294
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Nov 2021 05:29:09 GMT
50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 5294
36 KB
36 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b378347205506f9a92df5278fa781b56d39fcd8dc833ae780fb19e98ada4b2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:41:06 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 04:41:03 GMT
server
AmazonS3
age
2884
etag
"606931009c7851948bf676755c674e76"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
36732
x-amz-cf-id
H99AJYoxBelygnQm2KjjD_UplMBz2ZLtDYV7d88EWshjj1fXOTJWZA==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 5294
1 KB
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 19:11:32 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
37069
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
1094
x-amz-cf-id
hv7r0IcyhRIlNNayceBdkP9I4ViaXrIIbbgQ424Bf6-YY5ul26gZQQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 5294
322 B
638 B
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 14:00:06 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
55745
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
322
x-amz-cf-id
6a79r82v9hjBSO2zGp4mEFFVW-iQgs-TWpDk_QS5jXnHVQ21RgyfEQ==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 5294
832 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 14:52:45 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
52645
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
832
x-amz-cf-id
c7jJYFAf3WE5T1SktI_gcnYPWpqt51O6n3LbzxSuCpzsTVEzah-ODA==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 5294
773 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:01:55 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
8843
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
773
x-amz-cf-id
JJB0w8HfqQuYsxBUTogQDHB4JXcCOE5XeT_Nnfl0hsXJlV80JwjdIg==
71196.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/71196.js?b=&kw=friday&skw=true&ts=1636694948070&target=street-pu7gj8tjow
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
31ba236d84be419d9798961682432aedaff6b393c9cf4f98c66a392da3592f5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Connection
keep-alive
Content-Length
1606
x-hostname
ip-10-154-142-108
content-type
application/javascript
headerstats
as-sec.casalemedia.com/ Frame 5294
0
430 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Ftimes-herald.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 05:29:09 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.74], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://times-herald.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Fri, 12 Nov 2021 05:29:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 92EE
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 12 Nov 2021 05:40:32 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 5294
0
217 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SendtonewsDirect
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://times-herald.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
sendtonews-d.openx.net/v/1.0/ Frame 5294
106 B
477 B
XHR
General
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Ftimes-herald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=634f80ca-0caa-4119-97cf-f11ba034516c&nocache=1636694949214&schain=1.0%2C1!sendtonews.com%2CO4wACfhWioz-Uwcj4Xhchg%2C1%2C83333e9b-c5c1-406f-8d7f-54464c9a6ea0%2C%2C&auid=540931806&vwd=790&vht=444
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:09 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://times-herald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
pi979-10rsz.ads.tremorhub.com/ad/ Frame 5294
55 B
409 B
XHR
General
Full URL
https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-nj3gh&playerWidth=790&playerHeight=444&srcPageUrl=https%3A%2F%2Ftimes-herald.com%2F&supplyCode=pi979-10rsz&c4=ic_5619313,ic_3003652,ic_0858141,ic_2416407,ic_1612662,ic_8328276,ic_5043113,ic_3890383,ic_7287399,ic_8555203&schain=1.0,1!sendtonews.com,O4wACfhWioz-Uwcj4Xhchg,,83333e9b-c5c1-406f-8d7f-54464c9a6ea0,,&transactionId=634f80ca-0caa-4119-97cf-f11ba034516c&referrer=https%3A%2F%2Ftimes-herald.com%2F&hb=1&fmt=json
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:f315:7277:7529:ffc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5073bc1b2078fd089ec0aa323292bc187a5b2516fd42ee563cd6e42fa4d3361c

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:10 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame 5294
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9d267677812fea6e2ceb67a1727b1924dacbf2d36997fa7d6e9150b9c47199e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 05:29:09 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dbbd4a89-bda7-4651-a8ea-c679edfefdf2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://times-herald.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 5294
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 12 Nov 2021 05:29:09 GMT
X-SpotX-Timing-Transform
0.000411
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000805
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000289
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.026811
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000269
X-fe
090
Last-Modified
Fri, 12 Nov 2021 05:29:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.022708
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://times-herald.com
X-SpotX-Timing-Page-Misc
0.002299
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.022708
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5294
173 B
382 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.177.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-177-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
557effec31a040ba0bb41d0c08560abea37bc1a98d5aee13fdc81cc2ccd5d79c

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
cygnus
htlb.casalemedia.com/ Frame 5294
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&r=%7B%22id%22%3A%22139f8753fa8b514%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22141156a147d7a64%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22sid%22%3A%22790x444%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A790%2C%22h%22%3A444%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%2C%22sizes%22%3A%5B%5B790%2C444%5D%5D%2C%22playerSize%22%3A%5B%5B790%2C444%5D%5D%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftimes-herald.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22O4wACfhWioz-Uwcj4Xhchg%22%2C%22hp%22%3A1%2C%22rid%22%3A%2283333e9b-c5c1-406f-8d7f-54464c9a6ea0%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2292643243-db69-4832-b736-e5b17161de3d%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-12T05%3A29%3A09%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef4d72b11c66c58f7cfed7e691031f2770cc0a17ecd09888b6fdf5ab59c63bb1

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.74], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://times-herald.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 12 Nov 2021 05:29:09 GMT
translator
hbopenbid.pubmatic.com/ Frame 5294
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times-herald.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://times-herald.com
date
Fri, 12 Nov 2021 05:29:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cx.js
cdn.cxense.com/
116 KB
27 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 12:43:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27751
Expires
Fri, 12 Nov 2021 06:29:09 GMT
8f3cabe1-0b58-44ac-8396-6f35056bcbe1.jpg
cdn.broadstreetads.com/assets/
945 KB
947 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/8f3cabe1-0b58-44ac-8396-6f35056bcbe1.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb2af38bc333efe5be6960b1be435a54c276c5bdce0c93baf4963de5455465a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-length
967730
last-modified
Tue, 09 Nov 2021 14:09:35 GMT
server
cloudflare
etag
"dac366f254ad10f179aac25f0375084e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC1Ob25FlAIsLhYGGOKN4vy8OqTOXQB%2BdvgwvvFUpD4usM%2FUUqylLOdrgVRRfe74TabvPI%2FP2LJqlZNoQUQ9fY8xdcGoFGLd7v2mpvnTJuFxlZxwhpUImbGwuXdlVt8W8N%2FtkIeEeo7r9yO8ux3BP8rGanw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
accept-ranges
bytes
cf-ray
6acd5c6bce656931-FRA
x-amz-cf-id
t0s5wN5W1Myl5ITqJG4K63Zad4qWfdKT7tGn5IE9CO2UnvCnhI7_Eg==
71198.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/71198.js?b=c326712,a417683&kw=friday&skw=true&ts=1636694948070&target=street-b8o3y5v3n4
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
c1fdbf6b308a364cb4fefeae59a3c069657114b9a60e7a023e9d0924a6eae4de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Connection
keep-alive
Content-Length
1622
x-hostname
ip-10-154-142-108
content-type
application/javascript
dbd5bef5-f7cb-4e7a-ae44-cc5b75d4b108.jpg
cdn.broadstreetads.com/assets/
36 KB
36 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/dbd5bef5-f7cb-4e7a-ae44-cc5b75d4b108.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a57ac12e8bcdc9af47ce4c727282656ac6f371dff7e41199682d7300dd805aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1412196
cf-polished
origFmt=jpeg, origSize=92795
x-cache
Miss from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="dbd5bef5-f7cb-4e7a-ae44-cc5b75d4b108.webp"
access-control-allow-methods
GET, HEAD
content-length
36534
last-modified
Tue, 26 Oct 2021 18:32:15 GMT
server
cloudflare
etag
"fdbd1792936cca0d77b4c8ecdb526a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ6O3VcMEAu%2B1ZRK7209ARu68OG0F3AUUZvh%2BUN4cg1NFfH%2FyMgIIMD9lQwGY6AaWfrZEq0x06ue2mwArRQ3Gd1mKGwRWO5ACCwhs1%2FCJQlYCVTo4%2B7ERVjl%2FRCMZiqx9gN1RFQhJzZ%2FshCJtXupCpxkZ7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6acd5c6c8f9e6931-FRA
x-amz-cf-id
3Hdf7ay9qhqPVB-FkmV1tPdEfD39AQPVsY9Ih7xUBvF8Gq4SAL2rOQ==
cf-bgj
imgq:100,h2pri
71195.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/71195.js?b=c326712,a417683,c322403,a412059&kw=friday&skw=true&ts=1636694948070&target=street-tg2bcwd8xc
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
bc74990207779c0aef3688299bb1be59ae430549d8371bd399bd8867e7dbbf62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:09 GMT
Connection
keep-alive
Content-Length
1593
x-hostname
ip-10-154-142-108
content-type
application/javascript
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3103
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6acd5c6cbfa82bdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 05:29:09 GMT
icon
onesignal.com/api/v1/apps/f1b2d330-0153-4b42-b0d8-3f7b0cb52493/
176 B
668 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/f1b2d330-0153-4b42-b0d8-3f7b0cb52493/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffc95f33655841ce7fe8d4945eb8ee98a6481bff8fc587f29f3ecbf5854deb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1f8a67de-49d9-41ce-a000-4417953bab4b
x-runtime
0.010501
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7ffc95f33655841ce7fe8d4945eb8ee9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6acd5c6d1fac691c-FRA
access-control-allow-headers
SDK-Version
f2f3664f-a1e1-4bcb-a64a-d91d7a5acde1.jpg
cdn.broadstreetads.com/assets/
86 KB
87 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/f2f3664f-a1e1-4bcb-a64a-d91d7a5acde1.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfced497f64fa32d9976c782cb08c2f2198ede2a5a043ec7136310267859f51a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:09 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-length
88473
last-modified
Mon, 01 Nov 2021 12:56:54 GMT
server
cloudflare
etag
"248bb8ae9184d15daff753732d7537fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AO%2FEIO%2BolMr%2FGGP6vcUSjyG5Q8P4RopILHiimQe6kbRrBASECZZy3YuquAg57%2F5eouT5mOy2SvEd7m%2FBPUSHCLEFv7hziqCS3XL8Ts0vULmgg2vC5ZyBuhjLi9WSkXSO16pvgP6hxTXc%2FHNEWH9HdTb%2B%2F8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
accept-ranges
bytes
cf-ray
6acd5c6d38be6931-FRA
x-amz-cf-id
1v0GwgF_DEbtehdmeBkcXryTyUDQ6Gx_tQEBFhmSxxuLRTKH0Gl_jA==
76404.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/76404.js?b=c326712,a417683,c322403,a412059,c237734,a299454&kw=friday&skw=true&ts=1636694948070&target=street-tu4vr3orww
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
3e171a3e0c3998638c2d5134ea7e90822741763641c3f5317b4694dcce5b1b0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1624
x-hostname
ip-10-154-142-108
content-type
application/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame 5294
2 KB
2 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281/newnantimesherald-tier_1&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://times-herald.com/&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1611370&cust_params=sessionKey=297886404-5Ly84TZuwEdyoIyi%26schain=sendtonews.com,O4wACfhWioz-Uwcj4Xhchg%26content=4735%26placementType=TIER_1%26embed=BxUBWx6L%26domain=times-herald.com%26player_size=large%26player_width=790%26player_height=444%26player_type=full%26version=65.21.7%26player_status=NVFNLNOY%26play_code=2010%26view100=0%26excl_cat=stl_id00014%26rand=3%26devicetype=desktop%26iris_id=iris_7aea670292f3a151%26iris_context=ic_5619313,ic_3003652,ic_0858141,ic_2416407,ic_1612662,ic_8328276,ic_5043113,ic_3890383,ic_7287399,ic_8555203
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a7c251d0d232898d0801d3859a47b00904a43d5897de2367eb9fb88472b8a8f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
925
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://times-herald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
d7374a02-74b7-426e-bd37-c2bdac9a6d07.jpg
cdn.broadstreetads.com/assets/
47 KB
47 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/d7374a02-74b7-426e-bd37-c2bdac9a6d07.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85279118979fbfb69e6b9656e9826a3529105e722948dc035f1cd9643811c477

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247062
cf-polished
origFmt=jpeg, origSize=115601
x-cache
Hit from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="d7374a02-74b7-426e-bd37-c2bdac9a6d07.webp"
access-control-allow-methods
GET, HEAD
content-length
47696
last-modified
Mon, 08 Nov 2021 17:28:05 GMT
server
cloudflare
etag
"c46a3548c1f705c5a6e07a900cd5551e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNJnL9cZ4ry7gDkEtlP%2FRJO1RcKGWDrTshb9dGV%2FwG%2FYdaM%2FMqP2mt95ORR7hWG4aUrmZtwVqsWtGOv0DLkOk0xPvc%2BWl7qVs4Eq7JgfXy1xlgDKyt0RCV5Lg0%2FO4FsYV3ioNmvQTmJJquC%2FO8Mo6z9GILs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6acd5c6e7a856931-FRA
x-amz-cf-id
X0ULcZIodCCFhudoIlX4ZIphd6LKBZyvQ1DQrzfSry7Mxa2oNveIPA==
cf-bgj
imgq:100,h2pri
81230.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/81230.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449&kw=friday&skw=true&ts=1636694948070&target=street-fbxt9lq7r4
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
810c238f04f6445267ae8abc1774c43266c52b182ec081abc1315fb23d5b872d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1623
x-hostname
ip-10-154-142-108
content-type
application/javascript
apple-icon-152x152.png
d2s94cyhu2tzlj.cloudfront.net/favicon/
6 KB
7 KB
Image
General
Full URL
https://d2s94cyhu2tzlj.cloudfront.net/favicon/apple-icon-152x152.png
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-219.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eed33dd0f0e3dab598e272caa590f9460b5a79045278fb6373ae4753828e7e77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:11 GMT
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Last-Modified
Tue, 10 Nov 2015 14:57:27 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
ETag
"f2cbfde43edc43d5bd2e9fdf0ab536e5"
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
max-age= 3153600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6625
X-Amz-Cf-Id
VwoM5rE3yc9sX4DFymqet1ZWJkbKUSZRj7ldTfXePycs56CoE605zw==
7d591c3b-8fe3-4837-9b6e-747e223cee5e.jpg
cdn.broadstreetads.com/assets/
71 KB
72 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/7d591c3b-8fe3-4837-9b6e-747e223cee5e.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d927790c5a4f5cf2b509e7ec4cba8cb221459a97272e1e17f8a4b43ead8cb252

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1208008
cf-polished
origFmt=jpeg, origSize=166537
x-cache
Hit from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="7d591c3b-8fe3-4837-9b6e-747e223cee5e.webp"
access-control-allow-methods
GET, HEAD
content-length
72846
last-modified
Tue, 19 Oct 2021 13:17:48 GMT
server
cloudflare
etag
"f87c0ed3fe1a0d420e8260415f127b11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXo0Ec4OF%2FNlZVQLQcmDdXr0aflnhS1bNH4EqD60mgTe6%2BeftMKLzSmwjEhEdksjmV%2FUz%2Fmdwk74tUA0lI1kNURno7B2H9EYCvOLURIzs5Hsdqu%2FKSvyKltUug16dLuQItYMduUDg1VR7zpKzC2lpO6HsZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
6acd5c6f8c106931-FRA
x-amz-cf-id
Van7Zh43xu4bsibOiLw-jLkTmK1I8S6IvqI_VqQl8vh2E8g0pG-VDA==
cf-bgj
imgq:100,h2pri
81231.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/81231.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711&kw=friday&skw=true&ts=1636694948070&target=street-hjkojmbeog
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
5e5d54b6951aab3eb0c02c294a9cf6b08c2aa43cd6a8a0ec22e5f7405c15af43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1636
x-hostname
ip-10-154-142-108
content-type
application/javascript
integrator.js
adservice.google.com/adsid/ Frame 5294
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times-herald.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 05:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 5294
36 KB
36 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/50b4ziqyxtm90a8onl8p73scenp7lj46.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b378347205506f9a92df5278fa781b56d39fcd8dc833ae780fb19e98ada4b2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:41:06 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 04:41:03 GMT
server
AmazonS3
age
2885
etag
"606931009c7851948bf676755c674e76"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
36732
x-amz-cf-id
EQJdmuzG3fJsZMmYaGMJPAJnziPke36_Fd-9esERoaFLGsHF95coWQ==
p760461o076q86oos984462397407no9base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ Frame 5294
3 KB
4 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/p760461o076q86oos984462397407no9base.en.vtt
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3eec79bcb7a6221660fb3cf740e08bc61e42a36253087b910a8fa95a19f83060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:11 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 04:37:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"d075bb26339084713a2a72382fa6d685"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
3247
x-amz-cf-id
2y0bGfZjHnc5KvKifZjfzktiQpV8n0EaqxOsHFvtX-47FbAu16A88Q==
stn_trk.gif
s2l.sendtonews.com/ Frame 5294
26 B
186 B
Image
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=5Ly84TZuwEdyoIyi&instance=297886404&version=65.21.7&age=211112&ldt=IMA&key=BxUBWx6L&seq=1&order=4&recoveryMethod=SSAI&imaVersion=3.489.0&blocked=false&recovered=false
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-5-11.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
4r1r3rnqq7n9653n296non36rn20r79qplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame 5294
291 B
833 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/4r1r3rnqq7n9653n296non36rn20r79qplaylist.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c6dde6cf7ba51a7e97bc97b2ba7bed8ac688ecb1e2ab559dc8345fa6998f5c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:11 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Fri, 12 Nov 2021 04:36:52 GMT
server
AmazonS3
etag
"ea982b38737ab519b8f903200c393429"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
PY6pnArZbyyR4VO6JMBA5FTaKWn2E68lvaLG5E05nnML5oHeIzxAGg==
ff4f915a-6455-4c9d-800f-0ac51e913fe1.jpg
cdn.broadstreetads.com/assets/
24 KB
24 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/ff4f915a-6455-4c9d-800f-0ac51e913fe1.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6ff18d4fd7d9d506a55ac7e28b7d4b44e700f32733cbaf43281573ef530db9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274012
cf-polished
origSize=27116, status=webp_bigger
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-length
24522
last-modified
Mon, 08 Nov 2021 17:13:25 GMT
server
cloudflare
etag
"83e522ff91e019e86547bb9acddf0485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMXkRUx899U%2FirceMIrkkjPBqCq3nbFUHid8zHrIX5OVmVAdbiWfL2f4rbdswezkz8HE1f0sk3wgTHcbgvdUBWMNc10qge8833zHPi9BI2c7AQ3PLzL8B4hh7iPY%2Fy4k3Axk5FvEQUw5lDO20vQ9cweVibE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6acd5c708dbb6931-FRA
x-amz-cf-id
dpR1-Ox930XgisKTiKXIEJEhFHbEhJW1dntVzTsSIZe-gY8a9YaQDw==
cf-bgj
imgq:100,h2pri
76399.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/76399.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444&kw=friday&skw=true&ts=1636694948070&target=street-eh1wqbixmo
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
1ec7b80d10335a8cc6f19bc02636e0e3772ee22090317746b754fcf2a7bdcfe5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1646
x-hostname
ip-10-154-142-108
content-type
application/javascript
00e60d95-0170-490a-8351-552cbe14e1c3
https://times-herald.com/ Frame 5294
5 KB
0
Other
General
Full URL
blob:https://times-herald.com/00e60d95-0170-490a-8351-552cbe14e1c3
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
3aa21185-0c81-4ace-8550-7be101ff7f27
https://times-herald.com/ Frame 5294
76 KB
0
Other
General
Full URL
blob:https://times-herald.com/3aa21185-0c81-4ace-8550-7be101ff7f27
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
ca3cdaeb-72ad-4642-af19-ea2c58833bd9
https://times-herald.com/ Frame 5294
76 KB
0
Other
General
Full URL
blob:https://times-herald.com/ca3cdaeb-72ad-4642-af19-ea2c58833bd9
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame CC09
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fnewnantimesherald-tier_1&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D297886404-5Ly84TZuwEdyoIyi%26schain%3Dsendtonews.com%2CO4wACfhWioz-Uwcj4Xhchg%26content%3D4735%26placementType%3DTIER_1%26embed%3DBxUBWx6L%26domain%3Dtimes-herald.com%26player_size%3Dlarge%26player_width%3D790%26player_height%3D444%26player_type%3Dfull%26version%3D65.21.7%26player_status%3DNVFNLNOY%26play_code%3D2010%26view100%3D0%26excl_cat%3Dstl_id00014%26rand%3D3%26devicetype%3Ddesktop%26iris_id%3Diris_7aea670292f3a151%26iris_context%3Dic_5619313%2Cic_3003652%2Cic_0858141%2Cic_2416407%2Cic_1612662%2Cic_8328276%2Cic_5043113%2Cic_3890383%2Cic_7287399%2Cic_8555203&url=https%3A%2F%2Ftimes-herald.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Ftimes-herald.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1721&hl=en&cmsid=2460952&vconp=2&video_doc_id=1611370&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4238746883&sdk_apis=2%2C8&sid=CE0F4D51-9E32-4F1D-8866-842679B51EA8&nel=1&eid=44750821%2C44750824%2C44752711&dlt=1636694948052&idt=1325&dt=1636694950101&cookie_enabled=1&correlator=3189265664589363&scor=3175337641144723&ged=ve4_td2_tt1_pd2_la2000_er3873.200.4317.990_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
225f5fa8-9161-4422-8b8d-376ec7f1bd4c.jpg
cdn.broadstreetads.com/assets/
50 KB
50 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/225f5fa8-9161-4422-8b8d-376ec7f1bd4c.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b7a9551d70ff7cbebc82fe6ddadad6e950e033fff588968078c784d56e18969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1220424
cf-polished
origFmt=jpeg, origSize=129197
x-cache
Hit from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="225f5fa8-9161-4422-8b8d-376ec7f1bd4c.webp"
access-control-allow-methods
GET, HEAD
content-length
50782
last-modified
Fri, 30 Apr 2021 12:52:09 GMT
server
cloudflare
etag
"23e25dd64099b0540a3a694f060eecc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jocQvwVDIFoUn47Ac2KPJtl7l7W52vQeozUQvhTHOy0uDi4DElDYRmKhoRdZmfHvzxFFDWtZASBH0t998a92PwHhGDUE7uur4guRGwuQSQdGVzzpeomVVEbOOGKMLuHWpcYBtXr%2BUx5dG1cXjMFf9XJF8kE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
cf-ray
6acd5c714ecd6931-FRA
x-amz-cf-id
hrs6LxHvqQxLGL1DIstNpyrTKqHXTamZsXSQytLwyqpRaoc_3msnzg==
cf-bgj
imgq:100,h2pri
76400.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/76400.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816&kw=friday&skw=true&ts=1636694948070&target=street-hhpfqmy8bk
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
f6a6bbaffea98dec18cb6ecbea8b8b04512225a0ac2d0831d18940ec4841bf05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1615
x-hostname
ip-10-154-142-108
content-type
application/javascript
2ecfd0f2-1fe2-45ec-b536-bc9ca109cb7c.jpg
cdn.broadstreetads.com/assets/
33 KB
34 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/2ecfd0f2-1fe2-45ec-b536-bc9ca109cb7c.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdb7bdc3ad89c3d903262fb47d71c1fc6fb532b3dd727aff12aae6b06d9e5dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1277990
cf-polished
origFmt=jpeg, origSize=87324
x-cache
Hit from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="2ecfd0f2-1fe2-45ec-b536-bc9ca109cb7c.webp"
access-control-allow-methods
GET, HEAD
content-length
33614
last-modified
Tue, 12 Oct 2021 13:25:02 GMT
server
cloudflare
etag
"5c23a9c7584041c10410f6f9d3323a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VMDmT5NyraWCj4bbdlKCELvlBPbVMDOH6AWjoDYThqebUOL2SrOSK2HTrQin6r3nHr29R1R%2FO5fyHt7wZ5I2PfQNRRURrfDGOufrflNbJ%2FQsGhKagTgXsY0j4fTlK2Vm%2FRcBkrCEzvUvbkCyj9mm2nNM34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
6acd5c7208036931-FRA
x-amz-cf-id
cXTZMpXT_0e-S7XamHPSv_ItPfhCxn1OVFR_1ooCRTMWKkcFqE8_Fw==
cf-bgj
imgq:100,h2pri
76401.js
ad.broadstreetads.com/zdisplay/
476 B
646 B
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/76401.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816,c320055,a408545&kw=friday&skw=true&ts=1636694948070&target=street-vr2onsi0v4
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
03bb7f49922676a893af10d8cc7c45f2e72bab252966fcf2a2cdd0b339ea42c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
476
x-hostname
ip-10-154-142-108
content-type
application/javascript
76402.js
ad.broadstreetads.com/zdisplay/
2 KB
2 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/76402.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816,c320055,a408545&kw=friday&skw=true&ts=1636694948070&target=street-c1xiugavio
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
0e3cf924a216d3914482046b875bad4283d222ba8ea30da3c6116f4ebdacdb4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:10 GMT
Connection
keep-alive
Content-Length
1596
x-hostname
ip-10-154-142-108
content-type
application/javascript
4r1r3rnqq7n9653n296non36rn20r79q.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 5294
810 B
1 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/4r1r3rnqq7n9653n296non36rn20r79q.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
663d915bd74c43cdb101c195718b94bf0acd8df20a1f0b2302290d7b80fd21c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:12 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
810
last-modified
Fri, 12 Nov 2021 04:37:19 GMT
server
AmazonS3
etag
"8aebb5de81e23c0823eb76418cdd5a3a"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
0psDaRRyxTFsaCVL_1jgZPs2Yva_FYQfrWS18VmzVjNQghFcqi4xbA==
d3c9300b-bb97-4a6a-952b-bd9cc5c8d9e7.jpg
cdn.broadstreetads.com/assets/
94 KB
94 KB
Image
General
Full URL
https://cdn.broadstreetads.com/assets/d3c9300b-bb97-4a6a-952b-bd9cc5c8d9e7.jpg
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fff4c13c4a680d00840a649017e08b6f874844073d41734af69e79a57356ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:10 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124014
cf-polished
origFmt=jpeg, origSize=192617
x-cache
Hit from cloudfront
access-control-max-age
3000
content-disposition
inline; filename="d3c9300b-bb97-4a6a-952b-bd9cc5c8d9e7.webp"
access-control-allow-methods
GET, HEAD
content-length
96036
last-modified
Fri, 13 Aug 2021 11:48:15 GMT
server
cloudflare
etag
"49639521470694f82f40127c915c3722"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvwbomjY3YkTGD3Nk%2BkI6XFnrokDBbnedwesWecEI9Q2VgNYKx0dNAIyyRlMe4V5diP8NeImtWJfWGEeG3XSvqet8CR7w2zrLrdw%2FSN4RbuzNGMd80oM2%2BoDeezzR1oy6UtuvcJ2tWg6I3QO3qpDgTl%2Bico%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6acd5c736a1a6931-FRA
x-amz-cf-id
s-TbXAAOsL1kqahIekhCVQsdkRKt7veXKhNCe6YCIsfailhLol5wSA==
cf-bgj
imgq:100,h2pri
71190.js
ad.broadstreetads.com/zdisplay/
0
0
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/71190.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816,c320055,a408545,c304652,a389052&kw=friday&skw=true&ts=1636694948070&target=street-g0a1bfhb1s
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

71192.js
ad.broadstreetads.com/zdisplay/
16 KB
6 KB
Script
General
Full URL
https://ad.broadstreetads.com/zdisplay/71192.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816,c320055,a408545,c304652,a389052&kw=friday&skw=true&ts=1636694948070&target=street-ljtrlgicg0
Requested by
Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.175.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-175-67.compute-1.amazonaws.com
Software
/
Resource Hash
15d719e9d60acc44e977f228cc56f7ff3ff957c85c392cf4796e57c5ce3cadd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:11 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
5999
x-hostname
ip-10-154-142-108
content-type
application/javascript
4r1r3rnqq7n9653n296non36rn20r79q-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 5294
363 KB
364 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/4r1r3rnqq7n9653n296non36rn20r79q-00001.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25c4d0baa9c2403c717f217f754d405793210ab4d51f1f92f62ea25442806b61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:12 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
371676
last-modified
Fri, 12 Nov 2021 04:37:17 GMT
server
AmazonS3
etag
"354bd434b9c6dc1737aefe85af116bc1"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
3gH1SiGjfNyobzWWAg4g9A-Gje204mxXicbfe5qqKU7bfcgctw_yNw==
a60edb90-b7ca-4490-8348-b4103e33464f.webp
cdn.broadstreetads.com/uploads/
50 KB
51 KB
Image
General
Full URL
https://cdn.broadstreetads.com/uploads/a60edb90-b7ca-4490-8348-b4103e33464f.webp
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b94bb8a135e9bd48aaaddae91579583347fce4e6a493962301ef70594ba8fdf7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:11 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137565
x-cache
Miss from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-length
51236
last-modified
Wed, 10 Nov 2021 14:12:57 GMT
server
cloudflare
etag
"1beaac80b5f74d34e3297de8321e1411"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FFqQrStr%2BivyRXi%2F15agneXls%2FWN2XOKoNyyOutmReYfHNNbxc4F%2B5r2HiAsbiq4HwtKs0goCDIgFvAMxSsM2Na6aLMdJFFmSw7UVeiP%2F3UJxcHut5qXRfapv6n9yzFVcOSOitym3BRWwmTtvhr8a7Tze4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=315576000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6acd5c75fe176931-FRA
x-amz-cf-id
gdOmYaoprIYmrXcp4GptixzAvbnVwg_Cnyu5wP72wcP6eLddBOFbRw==
usync.html
eus.rubiconproject.com/ Frame 47DD
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 05:29:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame D5F1
668 B
754 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4725d02e1be7aa4bdfd5cdf6f805657ba7490bd24bc0cdef2043db9d6b20c870

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 12 Nov 2021 05:29:13 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
ups.analytics.yahoo.com/ups/55953/ Frame 5294
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=92643243-db69-4832-b736-e5b17161de3d&_origin=1&gdpr=1&gdpr_consent=
0
124 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=92643243-db69-4832-b736-e5b17161de3d&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=92643243-db69-4832-b736-e5b17161de3d&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/ Frame 5294
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG&apid=UP786680b7-4379-11ec-a004-02c1570f7238
0
134 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG&apid=UP786680b7-4379-11ec-a004-02c1570f7238
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY37qQAD9ROwYQBG&_origin=0&gdpr=0&gdpr_consent=&_test=YY37qQAD9ROwYQBG&apid=UP786680b7-4379-11ec-a004-02c1570f7238
date
Fri, 12 Nov 2021 05:29:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/57304/ Frame 5294
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP786680b7-4379-11ec-a004-02c1570f7238
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP786680b7-4379-11ec-a004-02c1570f7238&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3ODY2ODBiNy00Mzc5LTExZWMtYTAwNC0wMmMxNTcwZjcyMzg%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1&apid=UP786680b7-4379-11ec-a004-02c1570f7238
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1&apid=UP786680b7-4379-11ec-a004-02c1570f7238
Requested by
Host: times-herald.com
URL: https://times-herald.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://times-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:29:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHAaUGSN47GY2DtrZyKYFhE&google_cver=1&apid=UP786680b7-4379-11ec-a004-02c1570f7238
date
Fri, 12 Nov 2021 05:29:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 47DD
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
24cfa815e675621b16b7e1c89c0db7d3ff93eab7f758f2c885f478ae9e8a992f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 05:29:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83142
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Sat, 13 Nov 2021 04:34:55 GMT
sd
eu-u.openx.net/w/1.0/ Frame D5F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4bee618d-fba9-4700-958a-332558855505
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4bee618d-fba9-4700-958a-332558855505
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 12 Nov 2021 05:29:13 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4bee618d-fba9-4700-958a-332558855505
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 05:29:12 GMT
p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame D5F1
0
0

sd
eu-u.openx.net/w/1.0/ Frame D5F1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7126898115398932943
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7126898115398932943
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7126898115398932943
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame D5F1
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=79844605-cd32-3128-4e10-9860f193fe1f&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D5F1
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVlYjk1Y2YtMDQ0NS02ZjhjLTViZjAtYzJkOTNiNzEzMDdm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D5F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVlsOq4o_xsut8Y7p0HeYA&google_cver=1
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVlsOq4o_xsut8Y7p0HeYA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 05:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVlsOq4o_xsut8Y7p0HeYA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 47DD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.quantserve.com
URL
https://secure.quantserve.com/quant.js
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1

Verdicts & Comments

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| Typekit object| html5 object| Modernizr object| broadstreet function| fbq function| _fbq function| OneSignal function| loadScript function| getStoreKey function| readStore function| writeStore function| resizeSOEmbed object| observer function| initPostRobot object| google_tag_manager object| AttachEvents function| $ function| jQuery function| FastClick object| Foundation function| define function| require object| dojo object| dijit object| dojox object| dojo_request_script_callbacks object| google_tag_data string| GoogleAnalyticsObject function| ga number| __oneSignalSdkLoadCount function| __jp0 object| __post_robot_10_0_31__ object| gaplugins object| gaGlobal object| gaData object| tp number| pnInitPerformance function| ___tp number| google_global_correlator string| __tpVersion object| jQuery112404812639579558098 object| googletag object| SWG object| cX object| kw object| config boolean| broadstreetLoaded function| SignupForm function| PopupSignupForm object| parts object| s2nVideo object| PianoESPConfig function| cxCCE_callQueueExecute object| cxTest object| closure_lm_439166 function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| cXNative boolean| broadstreetScriptRan object| broadstreetModules undefined| module undefined| exports object| parkaveConfig

34 Cookies

Domain/Path Name / Value
times-herald.com/ Name: CraftSessionId
Value: 19dgve3jqqf9qeknspu89radjc
embed.sendtonews.com/ Name: AWSELBCORS
Value: AB7769910C09524E3F673477D3796BB23C89D09F9B37FBACFC54F04D5C3B577F4373300E1D526649A7A34046C53C69BF23A13465C21D74FB538059D02697B129752C89191F
.times-herald.com/ Name: _ga
Value: GA1.2.337475894.1636694948
.times-herald.com/ Name: _gid
Value: GA1.2.107204986.1636694948
.times-herald.com/ Name: _gat_UA-134257521-1
Value: 1
.times-herald.com/ Name: _fbp
Value: fb.1.1636694948334.1840821239
.list-manage.com/ Name: _abck
Value: 03353300A018C51D77A3B2098AA6DD57~-1~YAAQoV5swUVlag59AQAAwPueEgYupUoNzQht/0QN1RAenwYZIcwaAEjyIJ3zzGe0JiTPgf+umwfDgCqfIIm+Kkc8jUWz995dUhxy31p246q5ucUXUVfxwbSzsqGFjgXQuDlLfQYu70PGdB39aIx8C3OYwZL/xkYDcoe7RzFAy+88jLKs4e2iTpQWOWt0A7MwdcX4m1+aUHUNTVM54yoHLzYizQQGamjebIzY3UTseINpyf4Xdzz0BU4+5sum4QExsBJG5ajZl1MlxepJjteyYXzmMpBwWFAfTk3JZec9DPVzuBNF+qTrud8xpy/JEpuIdo+5U0MYnVBxdKDQvFTVjMJNHGxm4ikOmemFaPGWcxKoRIxK4gfEsV/43Q9NAOuH/Q==~-1~-1~-1
.us12.list-manage.com/ Name: ak_bmsc
Value: C98B84DE53715639892FE313DB8D9B70~000000000000000000000000000000~YAAQoV5swUZlag59AQAAwPueEg2TdPyh+dgmR+YCtTBA/zkXsvWdX18X7b3WIp1H2+WJRwvqYbWArukn8Yfk6z+asngoXdyHmCxsbYULBnLFzLEM3Q8ogkxFO25KRoaS19pJsg3d15uNrdj9+hzY3g8OFap88TNL4t3cYZeruIRvmO8WZJ6ivD9ktD1uxYbUnRtKIkNXxve1hfl4iXoygATSR4kqnetql05O866RS1oVzihUXogH13O0eowlgN1kVgj6iA2FSZ783iHfD1dFrcW7eSqA3fu0rKTbrwRskjZ9p+X4RNTLt0J6ULcdnUFVC0DelZC//Ka8WGnLLaZM3DlHDP3ZoJDpj3UMuBkKogb5MmAGMASYEaPZe+ieO0aEETtHu4PsVQB0qvKUPHTcvlmh3Qw=
.list-manage.com/ Name: bm_sz
Value: 2046B98E21C9439ADBBA5EB162700923~YAAQoV5swUdlag59AQAAwPueEg06reKGf6VBRSf8hAABMn0GJ80E32EUCw3vDg97g2Ciwmmlvqs7mjTFt+lNWFkQ/D6O9WTpxn8h3y5MFjEW+7z/0fDPtzW+kuqcJFxyAdElhPnUOtZmS2qk8hdtHxyNow/ubjie1PmYZr0G4N1AibnVDHtsviPekrsR9a4JD6N301ouIbwza6rbvd0obpGrAIRC6FFlYpI5rULsCT2IfSiPdBpL3ID2Ll/v1DLXbser01KPXZ/8jEv5YdLmq5d2hwTa7ZZABUZawLPYuBpz4/AJsrCt9g==~3359792~4408114
.broadstreetads.com/ Name: streetsign1
Value: 747ye3mk74000000000000000000000000000000000000000000000000000000
squareoffs.com/ Name: testcookie
Value: testcookie
.adsrvr.org/ Name: TDID
Value: 92643243-db69-4832-b736-e5b17161de3d
squareoffs.com/ Name: _square_offs_session
Value: UDFVcGt5M2hmb3oxVDRWYXRFUlIvOWhkbGhMODBHU0ZJSDV3U096R0hpenNBc3dnWlh4T3VsQTdTTklSbzh1dWJIcWhteVVYZStLZVlXeFpOMXpWOFl2am1TOWo1VVlpUDVTajZ6dldQNHZiSDJIakpzdUVQWW1jalVZM054OEpra1NORFN1aU1aOUJac1M0MEdSR0k2SGRubUQ2eWdRLzV5djFjL0w1bWxqMVBnS1B1QjRYdVVjeGIvOGQ2eHNyRDc1VUtxaFZZdFk5QVVNOGRFY0tTdz09LS0xcXFxVHdmN3lMdmJ0Q2poVndjbWxnPT0%3D--b50abaea30eb9d26b6a0d5e1730f9a12f60a70ff
.piano.io/ Name: __cf_bm
Value: UCAGhBKSCM6LdO7UGODAyf66dt_j5CYK.FgiqpKNARE-1636694949-0-AZiM8OZCiDQlMA8urMgYgrNRVR6IIVX9nHe2lTPdsCPp0m33CgsB6m+72wrNF81JfnW88Hhf0/RjsAz9XkZammo=
.times-herald.com/ Name: __tbc
Value: %7Bjzx%7D59pgiOXPeM1STaSQ52R8DOGPKtGNzOixxPt8aXpwZaxNbdg37q0DiQHpn_ABF1j8R1WiYLw8TY2G0psRyek9eKJgkSaPHh7Rc4bS0lH2SG_EUqvRJhI8dl1IGf592btN56xut4KSxwUvBifrF0GT6A
.times-herald.com/ Name: cX_P
Value: 3lD12cxCIYHexGPT90c9GV00AZLc2OsADOQMd2tJJySgGMMq90AsUkj8t7d5
.times-herald.com/ Name: __pat
Value: -18000000
.times-herald.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-kvvxwwx9d18tn6it%22%2C%22domain%22%3A%22.times-herald.com%22%2C%22time%22%3A1636694949120%7D
.times-herald.com/ Name: xbc
Value: %7Bjzx%7D-nyFgQ9y2c_R20F5Sba1RrNFE1c4T7AAJ3x9s8gJ8CFYLeR4PjAsp2ptnAzlNZnSls-tJ7Ia-n2Fu2x1BGlRj-6Zqlt5yahPnPsXmIzdEvl6maS9U3r-_B6wBbbrCKZwfx4A7FurhRlAU6N5_yYkY_t7iAloRv0QOKs7jam3ahDk1HiuTzTKSaYn9yT1TkYJv-xc652U1zoet3Re8qzLmQ
.openx.net/ Name: i
Value: aa28795c-64b5-0edf-14c6-508895b4cde2|1636694949
.adnxs.com/ Name: icu
Value: ChgI99FAEAoYASABKAEwpfe3jAY4AUABSAEQpfe3jAYYAA..
.adnxs.com/ Name: uuid2
Value: 5565151585842591223
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjI2If7guqSOhAFOAFaBmFkYXB0dmAC
.openx.net/ Name: pd
Value: v2|1636694953|gekin0vNiygu
.advertising.com/ Name: APID
Value: UP786680b7-4379-11ec-a004-02c1570f7238
.yahoo.com/ Name: A3
Value: d=AQABBKn7jWECEF1IIXjpiTngreunWpkezakFEgEBAQFNj2GXYQAAAAAA_eMAAA&S=AQAAAulf-xddamwQFz70iQokwMU
.doubleclick.net/ Name: IDE
Value: AHWqTUmWzENrlV7BO2A9MZlLGW8XbHFqr3rpu1cwNxcx1TCJlquSVBRoxTLaI5UxjsI
.yahoo.com/ Name: APID
Value: UP786680b7-4379-11ec-a004-02c1570f7238
.yahoo.com/ Name: APIDTS
Value: 1636694953
.mathtag.com/ Name: uuid
Value: 4bee618d-fba9-4700-958a-332558855505
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YY37qQAD9ROwYQBG
.adform.net/ Name: uid
Value: 7126898115398932943
.analytics.yahoo.com/ Name: IDSYNC
Value: "187s~21hh:1776~21hh"

2 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ad.broadstreetads.com/zdisplay/71190.js?b=c326712,a417683,c322403,a412059,c237734,a299454,c326529,a417449,c321373,a410711,c326524,a417444,c219448,a275816,c320055,a408545,c304652,a389052&kw=friday&skw=true&ts=1636694948070&target=street-g0a1bfhb1s
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
