www.thenewsherald.com Open in urlscan Pro
192.0.66.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a2journal.com/
Effective URL:
https://www.thenewsherald.com/
Submission: On August 11 via api (August 11th 2021, 4:22:03 am UTC) from US

Summary HTTP 119 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 32 domains to perform 119 HTTP transactions. The main IP is 192.0.66.168, located in United States and belongs to AUTOMATTIC, US. The main domain is www.thenewsherald.com.
TLS certificate: Issued by R3 on June 22nd 2021. Valid for: 3 months.

This is the only time www.thenewsherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.45.83.7 96.45.83.7	16552 (TIGGEE) (TIGGEE)
1 23	192.0.66.168 192.0.66.168	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	99.86.4.81 99.86.4.81	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:f400:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.82.152.48 13.82.152.48	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.84.254.59 52.84.254.59	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	52.84.44.170 52.84.44.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:21a... 2600:9000:21a1:a600:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	13.224.96.53 13.224.96.53	16509 (AMAZON-02) (AMAZON-02)
5	18.214.172.53 18.214.172.53	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:217... 2600:9000:2175:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.107.122 2.16.107.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	54.209.104.184 54.209.104.184	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
119	38

1 96.45.83.7 (United States) 1 redirects

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com

a2journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.0.66.168 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.thenewsherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-81.fra6.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:f400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.82.152.48 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prodmg2.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.254.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-254-59.mrs52.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.44.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-44-170.mrs52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21a1:a600:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.96.53 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2175:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-122.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.209.104.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-104-184.compute-1.amazonaws.com

be.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	thenewsherald.com 1 redirects www.thenewsherald.com	594 KB
19	googlesyndication.com d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	399 KB
12	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	138 KB
7	durationmedia.net tag.durationmedia.net be.durationmedia.net	41 KB
6	googletagservices.com www.googletagservices.com	202 KB
5	google.com adservice.google.com www.google.com	1 KB
5	postrelease.com jadserve.postrelease.com	5 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
4	parsely.com cdn.parsely.com p1.parsely.com	39 KB
3	criteo.com 1 redirects gum.criteo.com mug.criteo.com	6 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	ntv.io s.ntv.io	111 KB
2	akamaihd.net ntvcld-a.akamaihd.net	41 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	gstatic.com fonts.gstatic.com	48 KB
2	google.de adservice.google.de www.google.de	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	89 KB
1	adsrvr.org match.adsrvr.org	547 B
1	rlcdn.com api.rlcdn.com	332 B
1	criteo.net static.criteo.net	38 KB
1	quantcount.com rules.quantcount.com	437 B
1	facebook.net connect.facebook.net	26 KB
1	googletagmanager.com www.googletagmanager.com	84 KB
1	indexww.com js-sec.indexww.com	40 KB
1	windows.net prodmg2.blob.core.windows.net	143 KB
1	osano.com cmp.osano.com	83 KB
1	p-n.io cdn.p-n.io	70 KB
1	a2journal.com 1 redirects a2journal.com	170 B
0	digitalfirstmedia.com Failed marketplace.digitalfirstmedia.com Failed
119	32

	Domain	Requested by
23	www.thenewsherald.com	1 redirects www.thenewsherald.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thenewsherald.com
6	www.googletagservices.com	www.thenewsherald.com securepubads.g.doubleclick.net
5	be.durationmedia.net	tag.durationmedia.net
5	jadserve.postrelease.com	s.ntv.io www.thenewsherald.com
4	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google.com	www.thenewsherald.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	sb.scorecardresearch.com	2 redirects www.thenewsherald.com
4	c.amazon-adsystem.com	www.thenewsherald.com c.amazon-adsystem.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s.ntv.io	www.thenewsherald.com s.ntv.io
2	gum.criteo.com	1 redirects static.criteo.net
2	ntvcld-a.akamaihd.net	www.thenewsherald.com
2	fonts.gstatic.com	fonts.googleapis.com
2	tag.durationmedia.net	www.googletagmanager.com tag.durationmedia.net
2	p1.parsely.com	www.thenewsherald.com
2	cdn.parsely.com	www.thenewsherald.com www.googletagmanager.com
1	mug.criteo.com
1	s-jsonp.moatads.com	www.thenewsherald.com
1	z.moatads.com	s.ntv.io
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	pixel.quantserve.com	www.thenewsherald.com
1	www.google.de	www.thenewsherald.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	connect.facebook.net	www.thenewsherald.com
1	secure.quantserve.com	www.googletagmanager.com
1	pixel.wp.com	www.thenewsherald.com
1	www.googletagmanager.com	www.thenewsherald.com
1	stats.wp.com	www.thenewsherald.com
1	js-sec.indexww.com	www.thenewsherald.com
1	prodmg2.blob.core.windows.net	www.thenewsherald.com
1	cmp.osano.com	www.thenewsherald.com
1	cdn.p-n.io	www.thenewsherald.com
1	ajax.googleapis.com	www.thenewsherald.com
1	fonts.googleapis.com	www.thenewsherald.com
1	a2journal.com	1 redirects
0	marketplace.digitalfirstmedia.com Failed	www.thenewsherald.com
119	44

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
www.michiganlottery.com
marketplace.newspaperclassifiedsmi.com
businessdirectory.thenewsherald.com
adportal.newspaperclassifiedsmi.com
jobs.thenewsherald.com
facebook.com
twitter.com
instagram.com
share.ntv.io
www.medianewsgroup.com
digitalfirstmedia.wd5.myworkdayjobs.com
www.pressandguide.com
www.voicenews.com
vip.wordpress.com

Subject Issuer	Validity	Valid
thenewsherald.com R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
cmp.osano.com Amazon	`2020-08-26` - `2021-09-25`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-05-17` - `2022-05-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.durationmedia.net Amazon	`2020-09-07` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.thenewsherald.com/
Frame ID: 2A6A8CC2A6B89EF87528460E99C67673
Requests: 85 HTTP requests in this frame

Frame: https://marketplace.digitalfirstmedia.com/promos/wordpress.asp?nid=20
Frame ID: 57549C3313B1A7EADD68C578AC142DC4
Requests: 1 HTTP requests in this frame

Frame: https://d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85C6B58E3E8D6AB713CFCCDF1204DBAB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGqSEqaZCdAJrgIfbqnl9GMMdEsvdp4HFwXBLwPBg6X40foqpvdp7e7eoRHcJIewKBpxQfTFXnwPSkh0o59viAjTNOKrVicUklzz_ZvDmNDBxrDsuftGiNZw0wXN2qYXHxwnF0V1fRnR-XiHJ2m-d18WoNEGa9DsimUMxZA5lae8jDSxKF7oaY_XN7NhcIn1B2qM2-Q70XQVyNYXoCEk_d1pk6STaiODrbOBpS__Itt-qpR1lP5_BVrmWgwVOF6Y7k8cP8IfDbdgb-0X_tiz7RbjtYjC2UHZM4SUDbci0ol8a_KedDrvZRvuZb5J_SuCayAQx6UuBMzg&sai=AMfl-YRykA0C4sARjsnHbW8fWK99XQyFIbtRljd9IqL-On7Gs5EMmIVbtoDpiL6gWbu8-lL6HRrv0GKvmwOLKwWE5el6AOgIRydIBxk8TnSeXztyqXXuRFuz4sWTX3rA_2I&sig=Cg0ArKJSzG5Rw-RpgbRhEAE&adurl=
Frame ID: D4ACA157C56C982BD6B12B62E272BB97
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjx225rZi1oqHAqbhtkarb6CN7zB2tba6SfX8UPvk9DAmxCtNEt3nDg0MDk78LZ4394lTD4b4L4Pfij3SIqXuJON7v5EKDaaHTom9gJ14nCSzZ_NYzUSRiG25cZ7taj4pa7T7OHZYAPe5_qyr8ndt2Ykg2zYO_-qWDjjppZ3v4mAb6nU3j9GqRsRpa8AhssrKXivvLHIG62APFFIiVnRH0_WvYLMgeL2RQjo_ekQFQJd0I2f04Ldn9I0HCR71iR2TQyPvHnWEKx8yNceyuBn0RhO7iJz2kldpMePP9kIZvxa_tBAPXXBC3pG8vkP6AvObXaPsY2S8CDg&sai=AMfl-YS6rheOcoUH0dpI_nTFeqvZVqJwcBbgAqjN0dscMX9bOogUUM6ELzpqruj3FJbM_C1BuctiCfrd9-P3EPtb8o0xkcIy3pOuV6EY9zng8EgyZHBJZx3GKZ75ni_pnbE&sig=Cg0ArKJSzPcdMLceSFNpEAE&adurl=
Frame ID: 8DE764F5A2ED29C2862CD082699E9F0E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM7GD_zCSq_flt_t9AjXgyTtpAl69humPXwQzIeRggZFkFo0XBZLs1yoWdS2n4Wb8da_bcqmMDe-r9tn3NMBkjieiub0aQYB21OA-comt-gIttEQ6HVAvIFj8qjQ-O-ey8YnehGPu9mYPm4OLfMrpOhnLBzPJNnVODfpKsFg6Tv4KaeHG63tmcR_Zt7XokHhbK4jOBId1vNrgnVEaatWpi1dbP-VA_7g11cq8eJHW8KIwTVlKXH5deN983VNF0HSY88OhJ0etZN4zJW_bdBHjoUGU_JCVyPKX4FbYD0uQGNseX-hqxVzCypUWBOmfrbVYh3bprpvMoMA&sai=AMfl-YQraSpci6KyPVm3ea2vrYZfeNFOLrK-RpCxvbEGsRXri9VS6BkWq48WeUITXssgnLo0AXvkDJQQOqzPr792dTcIUQTJyrQAb9ZbnLMpFe6_a6xG_dF-gKyiEpfOhpI&sig=Cg0ArKJSzOrMZvWK9EjLEAE&adurl=
Frame ID: 82164173F80AA639ECB16C25A5208048
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBADVme3rs_Oljez7VE7UIx9jXmN4Gbpl25j2WPYNSNhB0Bw9fK-8SnEmP82O7QvX8wdDv2pWsNamUepLKgYKl_OkQPEDGL3qij2tJz5cWX0G4vGNlIzyYEk3jyrn-Yt6zWGZFcbxUVB1QJvALDa33aNq4zsn42I4miEIiDYJQHFGpm1Ipgc6B7uV2MBQMbHEgr09CRnkpUfaPO-uOi0nvRXsmqGYbnoLxDHuSVlL4s_qaXiuv2ZtF-aTPUb0epB89j66AsYcGyG6xKzJzqPd4RifSxkrIsyzcAVr_t0ZYUvtRdQrM-HGxHOXDQMMtT7WfzOxcOZ6Fvg&sai=AMfl-YSBH8o5-WM792OUBF-EqsnWrXgOBc473MBw5GkN1xDP_KfF7qcX496jigw6KUdkPa1gH6icX0OeP0NuHHIMiX3Y6i8WBfB4utp2D4vsVScBeIKdFH2VDN03NzMc59Y&sig=Cg0ArKJSzMJsAp06mO8UEAE&adurl=
Frame ID: CCE70B1888E04CD12B96E9AC394E5B1E
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thenewsherald.com
Frame ID: 1AEE0B1F1744C7EE78B7F05DA33285CC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2C4C5EB2C71AC9A5ACDFC40B9D1CB06D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2C9DCC108DC48B51EEF91CD5D82BF26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a2journal.com/ HTTP 302
http://www.thenewsherald.com/ HTTP 301
https://www.thenewsherald.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

119
Requests

99 %
HTTPS

50 %
IPv6

32
Domains

44
Subdomains

38
IPs

4
Countries

2335 kB
Transfer

5878 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/heritage/?_ga=2.75653526.2003150047.1624044399-1915874180.1621146819
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.michiganlottery.com/
Title: Lottery

Search URL Search Domain Scan URL

URL: https://marketplace.newspaperclassifiedsmi.com/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://businessdirectory.thenewsherald.com/marketplace/
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://businessdirectory.thenewsherald.com/marketplace/todays_ads/
Title: Today’s Ads

Search URL Search Domain Scan URL

URL: https://adportal.newspaperclassifiedsmi.com/migroup-adportal/classified/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: http://jobs.thenewsherald.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://facebook.com/The-News-Herald/298791049014
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NewsHeraldMI
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/newsheraldmi
Title: Instagram

Search URL Search Domain Scan URL

URL: http://share.ntv.io/sponsored/dont-settle-for-government-surveillance-coins/?ntv_a=ZMwGAA4hNA1BwRA
Title:

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://digitalfirstmedia.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/advertise-with-us/
Title: MediaNews Group Advertising

Search URL Search Domain Scan URL

URL: http://www.pressandguide.com/
Title: Press & Guide

Search URL Search Domain Scan URL

URL: https://www.voicenews.com/
Title: The Voice

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright/
Title: Copyright 2021 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a2journal.com/ HTTP 302
http://www.thenewsherald.com/ HTTP 301
https://www.thenewsherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=https%3A%2F%2Fwww.thenewsherald.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=https%3A%2F%2Fwww.thenewsherald.com%2F&c9=

Request Chain 116

https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 121

https://gum.criteo.com/sid/json?origin=publishertag&domain=thenewsherald.com&sn=ChromeSyncframe&so=0&topUrl=www.thenewsherald.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=F1pUw3xiT1A5cDl3ZjlnVlgzVHYvZEMzWTdiT1ZmUER3MldsRUFCYjlLUktRZ1VxQVZhWTlIQWdwcXBuUklBTTZybUFuVkhNd1lRS1RCeWlMUXNnMUk3KzZ1Qkd2ZDI5Y3NxOWFjc0taZDJLQmQrZnRROUpNYXZPU09yV3lQN1BaOE5KbkhIbU1aR1FJUGZaOGZuRkVEVnVUYmdpbVd3TTR0S2RXaW8vVHgxdWFYOXlOSlJPUUNrMDBtWk81YVRlMS9aSS8wbGxlK3pQMHNxL3IrcllXaTc1YkVDbklqZm93TUF1d3g3ZnRLY2g4Nm9helh2clAzS2l4V1B6QlM3d1dEY2owZi9CTXNNdWxaSGowOFh4c0pZQVkydz09fA&cppv=2

119 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewsherald.com/
Redirect Chain

http://a2journal.com/
http://www.thenewsherald.com/
https://www.thenewsherald.com/

206 KB
41 KB

84ms
27ms

Document
text/html

192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

dd8500332bf3704965f6a75ebaf2a3c401d9e9b87c3c18c5c50615884d194c36

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

:method: GET
:authority: www.thenewsherald.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

server: nginx
date: Wed, 11 Aug 2021 04:21:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40777
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.thenewsherald.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/d2U47>; rel=shortlink
content-encoding: gzip
x-rq: hhn2 0 2 9980
cache-control: max-age=300, must-revalidate
age: 275
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Wed, 11 Aug 2021 04:21:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.thenewsherald.com/

GET
H2 200 /
www.thenewsherald.com/_static/ 94 KB
14 KB 29ms
27ms Stylesheet
text/css 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??-eJyNj0sOwjAMRC+EsYDyWyDEUVLHKgYnqeJUKLcnqJt2x2o0mvcWg58RJJJOng3JDL1YwV4TvUGlzy5XtFKVt0HitgEbXBovw8BeHCsHjmVVRnWVMygPjup/etuWfSVRiuXHkEoLCBOMOg0SDS0TPryhM+MyvwipF2Vw/skmKcJ8oS33cNud9pdjd+6uhy96MV30
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4362beb9c95b7eea7208a013293a5a210bba089fe41f3b157a81ab94682f618a

Request headers

:path: /_static/??-eJyNj0sOwjAMRC+EsYDyWyDEUVLHKgYnqeJUKLcnqJt2x2o0mvcWg58RJJJOng3JDL1YwV4TvUGlzy5XtFKVt0HitgEbXBovw8BeHCsHjmVVRnWVMygPjup/etuWfSVRiuXHkEoLCBOMOg0SDS0TPryhM+MyvwipF2Vw/skmKcJ8oS33cNud9pdjd+6uhy96MV30
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:27 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Mon, 09 Aug 2021 22:18:13 GMT
server: nginx
age: 104413
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14133

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1011 B 35ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thenewsherald.com
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 04:21:27 GMT
server: ESF
date: Wed, 11 Aug 2021 04:21:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 04:21:27 GMT

GET
H2 200 /
www.thenewsherald.com/_static/ 86 KB
17 KB 33ms
31ms Stylesheet
text/css 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??-eJyNjEsKgDAMBS9kTauo3YhnkRqK2k8gKeLtrQv37h7DzIOLlMtJMAnEoigUvyeGA4VWdyqjWw0xbyUgw7VvHoVBMinKXBfLHbB1zA38+KneB95mibMZO2uGqbf6AWMeMCI=
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c695c464e7b164a6e4a7d0fb695b615d947828135114fe1d1ef8acd82d3ee1

Request headers

:path: /_static/??-eJyNjEsKgDAMBS9kTauo3YhnkRqK2k8gKeLtrQv37h7DzIOLlMtJMAnEoigUvyeGA4VWdyqjWw0xbyUgw7VvHoVBMinKXBfLHbB1zA38+KneB95mibMZO2uGqbf6AWMeMCI=
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:27 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 05 Aug 2021 09:56:20 GMT
server: nginx
age: 456908
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17618

GET
H2 200 sso-tools.min.js Show response
www.thenewsherald.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 5 KB
2 KB 37ms
35ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1628088843g
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: af67e6d6566ed18d58231218b42e4c563d550f4cba2fdcb8351e221d020057af

Request headers

:path: /wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1628088843g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:27 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 04 Aug 2021 14:54:03 GMT
server: nginx
age: 466438
etag: W/"610aaa0b-151c"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1458
expires: Thu, 11 Aug 2022 04:21:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:37:48 GMT
x-content-type-options: nosniff
age: 121419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 18:37:48 GMT

GET
H2 200 / Show response
www.thenewsherald.com/_static/ 8 KB
2 KB 38ms
36ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDMyMLAyNDEwigLAKv5Jrk=
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6

Request headers

:path: /_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDMyMLAyNDEwigLAKv5Jrk=
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:27 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 03 Aug 2021 20:11:22 GMT
server: nginx
age: 115134
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2421

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 351 KB
70 KB 1152ms
1086ms Script
application/javascript 99.86.4.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Mr4wSkZIapeF8TmatKcHWDmGX9a5dwW92QON&ver=5.8
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-81.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b748b68db03e4ea32ffda55c871e9066f416ce13e1841f109171677a996802b

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 03:07:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"e9ea03e4997bd2cec737780070512c0c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: 33tVFOgUUGLP5nBWQR-GpaCoGrsnEfRglkaSPd2Kps6G5wxMukE3tQ==

GET
H2 200 dfm-pushly.min.js Show response
www.thenewsherald.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
237 B 37ms
36ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1628021483g
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Request headers

:path: /wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1628021483g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:27 GMT
x-rq: hhn2 0 2 9980
last-modified: Tue, 03 Aug 2021 20:11:23 GMT
server: nginx
age: 115134
etag: "6109a2eb-a0"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Thu, 11 Aug 2022 04:21:27 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 389 KB
83 KB 48ms
13ms Script
application/javascript 2600:9000:211e:f400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:f400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3cc60560fce1a83f47edff6103dcb11c53d6d3cf57a41d11c6d352f88b9f61a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26911
x-cache: Hit from cloudfront
content-length: 84620
x-xss-protection: mode=block
last-modified: Tue, 10 Aug 2021 20:52:16 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "33c71f95565b696bd028cd00ddbe674c"
strict-transport-security: max-age=2592000
content-type: application/javascript; charset=utf-8
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ZmHpklxRWkiw_TNjgrxrKOAKzUYWETy0f_08dE4Kj5CxLjKqbjgoMg==

GET
H/1.1 200
OK mg2nw.min.js Show response
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/ 142 KB
143 KB 516ms
112ms Script
application/javascript 13.82.152.48
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmg2.blob.core.windows.net/newsletterwidget/mngcep/mg2nw.min.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1994c60967493250d994f00dac0d8fa3b6ac442a090bc147691e0ce948f5b26c

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Aug 2021 04:21:27 GMT
Last-Modified: Wed, 26 May 2021 12:25:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: UAPhrGrDHF720fH0zq0Q6Q==
ETag: 0x8D9204150CC0C86
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 3e82aaba-101e-0036-3668-8e8b2d000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 145533

GET
H/1.1 200
OK 185707-192819229389900.js Show response
js-sec.indexww.com/ht/p/ 145 KB
40 KB 822ms
746ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d291e19bc493b58f49dd2322bd5e7b4a381ddb12db0400b1090db28b1a58681d

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 04:20:30 GMT
Server: Apache
ETag: "902818-24543-5c940f052e9ed"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 40734
Expires: Wed, 11 Aug 2021 05:21:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185af343fe43fa051254ebb9a1cccfbeef76d9641fc62da7f047d55a085ecea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "955 / 438 of 1000 / last-modified: 1628633652"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25131
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:28 GMT

GET
H2 200 modernearthy.css
www.thenewsherald.com/wp-content/themes/assets/static/css/ 361 KB
57 KB 58ms
57ms Stylesheet
text/css 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/themes/assets/static/css/modernearthy.css?ver=1628021483
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 13a6caa9ee89b65ebef98247e903d299280c1d32eda5785a95d5fae0ff56f91a

Request headers

:path: /wp-content/themes/assets/static/css/modernearthy.css?ver=1628021483
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Mon, 09 Aug 2021 20:10:32 GMT
server: nginx
age: 115083
etag: W/"61118bb8-5a437"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 57957
expires: Thu, 11 Aug 2022 04:21:28 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.thenewsherald.com/wp-includes/js/ 18 KB
5 KB 58ms
57ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 20 Jul 2021 17:58:32 GMT
server: nginx
age: 1832976
etag: W/"60f70ec8-4705"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4998
expires: Thu, 11 Aug 2022 04:21:28 GMT

GET
H2 200 News-HeraldMI-logo.png
www.thenewsherald.com/wp-content/uploads/2021/06/ 290 KB
291 KB 29ms
28ms Image
image/png 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2021/06/News-HeraldMI-logo.png
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dd097769c6b71f1957d8d36b5a19c52e12f23fab71c5f7dda3551bfd1a32014

Request headers

:path: /wp-content/uploads/2021/06/News-HeraldMI-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
x-rq: hhn2 109 86 443
last-modified: Mon, 21 Jun 2021 18:44:56 GMT
server: nginx
etag: "794d39352971a87f"
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 297316
expires: Fri, 24 Jun 2022 04:30:40 GMT

GET
H2 200 / Show response
www.thenewsherald.com/_static/ 18 KB
8 KB 28ms
28ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??/wp-content/plugins/photonfill/vendor/picturefill.min.js,/wp-content/plugins/photonfill/vendor/lazysizes.min.js?m=1628021483j
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287

Request headers

:path: /_static/??/wp-content/plugins/photonfill/vendor/picturefill.min.js,/wp-content/plugins/photonfill/vendor/lazysizes.min.js?m=1628021483j
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 03 Aug 2021 20:11:23 GMT
server: nginx
age: 115134
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7899

GET
H2 200 ads.js Show response
www.thenewsherald.com/wp-content/themes/wp-mason/static/js/ 87 B
208 B 28ms
28ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

:path: /wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
x-rq: hhn2 177 253 80
last-modified: Mon, 21 Jun 2021 21:37:08 GMT
server: nginx
age: 4146647
etag: "60d10684-57"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Thu, 11 Aug 2022 04:21:28 GMT

GET
H2 200 / Show response
www.thenewsherald.com/_static/ 98 KB
28 KB 29ms
29ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??-eJyVyzsOwjAMANALQSxagcqAOIsJhiT4U9VGqLenA0MnBOuTHrzGbTYN0oAoJOSA7hQOHhg1Q3PIJmKacnnqI0nV1HwDP7zReL5VZv8niV1pUsIpyvzlLSLopqt5Z7sgf85ZTrtDN+z749B37Q1ZPVVH
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dfbbbdb34bba4d26aa6997dca6eb32bb14418f105dd58172df84b3d6580c8f9

Request headers

:path: /_static/??-eJyVyzsOwjAMANALQSxagcqAOIsJhiT4U9VGqLenA0MnBOuTHrzGbTYN0oAoJOSA7hQOHhg1Q3PIJmKacnnqI0nV1HwDP7zReL5VZv8niV1pUsIpyvzlLSLopqt5Z7sgf85ZTrtDN+z749B37Q1ZPVVH
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Mon, 09 Aug 2021 20:10:32 GMT
server: nginx
age: 115134
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28653

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 371 KB
109 KB 152ms
65ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Content-Encoding: gzip
x-amz-request-id: 4SJ2FFB77E55AFF8
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: Y/sHgB45zCIatTip7niQqSSMI0HCi3/GuRVo4cHL4TqYyBQT9xcS7Fc1n7EY5aV25zV/m51iGwQ=
Last-Modified: Wed, 04 Aug 2021 14:17:16 GMT
Server: AmazonS3
ETag: "2961bf28a7d4c32f1b84975c0cd9b1e7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
www.thenewsherald.com/_static/ 2 KB
910 B 28ms
27ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/_static/??/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js,/wp-includes/js/wp-embed.min.js?m=1628547493j
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e495b3895c84a5a975d1dd28e402554288ba25172ac0bf57aa577eac8b3cf79d

Request headers

:path: /_static/??/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js,/wp-includes/js/wp-embed.min.js?m=1628547493j
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Mon, 09 Aug 2021 22:18:13 GMT
server: nginx
age: 75001
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 861

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thenewsherald.com/ 50 KB
19 KB 113ms
37ms Script
application/javascript 52.84.254.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thenewsherald.com/p.js?ver=2.5.0
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.254.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-254-59.mrs52.r.cloudfront.net
Software: nginx /
Resource Hash: 8e58de0f702f009e49520a5b938fd5d2c80d7c607a1639e1eb40b637f717d9f2

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: public
date: Tue, 10 Aug 2021 05:30:45 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 18:41:07 GMT
server: nginx
age: 82243
etag: W/"610adf43-c8b1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d3dc7fce70a4cf01f01f6bf06755098c.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: MRS52-P2
x-amz-cf-id: ZC7PB6-ci65x32MrgRcaAMh3fRpr8W7q1-MK8LEw89E4KBjAX6YwSQ==
expires: Wed, 11 Aug 2021 05:30:45 GMT

GET
H2 200 e-202132.js Show response
stats.wp.com/ 9 KB
3 KB 60ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202132.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-nc: HIT cdg
date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 31 Jul 2022 22:40:53 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 101ms
36ms Script
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding: gzip
server: Server
age: 579
etag: f8520ea4ebd91256d6b4f461d472242a
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51f76c8cc795edfca51e07563f87887d.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 11 Aug 2021 04:11:49 GMT
x-amz-cf-pop: MRS52-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6iI5PL7J9849eFli2zq6JgNmTezcgjsidB5NFJfylgfCPdmiKZUy0A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 402 KB
84 KB 64ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7313338c143c8ddd48d725ff90906bcaa655f492f1d60f3418970481c68ff338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85057
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 04:21:28 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Origin: https://www.thenewsherald.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/truetype

GET wordpress.asp
marketplace.digitalfirstmedia.com/promos/ Frame 5754 0
0

GET
H2 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 101ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
766 B 101ms
36ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thenewsherald.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ab3e8e0a96f1443da691215a577c803ff484fae50d0ffdb07934fb9a1d0f0a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H2 200 common.chunk.min.js Show response
www.thenewsherald.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 28ms
27ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJyVyzsOwjAMANALQSxagcqAOIsJhiT4U9VGqLenA0MnBOuTHrzGbTYN0oAoJOSA7hQOHhg1Q3PIJmKacnnqI0nV1HwDP7zReL5VZv8niV1pUsIpyvzlLSLopqt5Z7sgf85ZTrtDN+z749B37Q1ZPVVH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef

Request headers

:path: /wp-content/themes/assets/static/js/common.chunk.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-rq: hhn2 177 253 80
last-modified: Wed, 23 Jun 2021 21:06:38 GMT
server: nginx
age: 4146646
etag: W/"60d3a25e-a62f"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10587
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.thenewsherald.com/wp-content/themes/assets/static/js/ 56 KB
8 KB 28ms
28ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJyVyzsOwjAMANALQSxagcqAOIsJhiT4U9VGqLenA0MnBOuTHrzGbTYN0oAoJOSA7hQOHhg1Q3PIJmKacnnqI0nV1HwDP7zReL5VZv8niV1pUsIpyvzlLSLopqt5Z7sgf85ZTrtDN+z749B37Q1ZPVVH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad

Request headers

:path: /wp-content/themes/assets/static/js/common-async.chunk.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-rq: hhn2 177 253 80
last-modified: Wed, 23 Jun 2021 21:06:38 GMT
server: nginx
age: 4146645
etag: W/"60d3a25e-e145"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8564
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 modernearthy-async.chunk.min.js Show response
www.thenewsherald.com/wp-content/themes/assets/static/js/ 5 KB
2 KB 28ms
28ms Script
application/javascript 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsherald.com/wp-content/themes/assets/static/js/modernearthy-async.chunk.min.js
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJyVyzsOwjAMANALQSxagcqAOIsJhiT4U9VGqLenA0MnBOuTHrzGbTYN0oAoJOSA7hQOHhg1Q3PIJmKacnnqI0nV1HwDP7zReL5VZv8niV1pUsIpyvzlLSLopqt5Z7sgf85ZTrtDN+z749B37Q1ZPVVH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 99ff0f06144001dc0b81b59a9c58560585a9567ebde6e9f465fab855929263e3

Request headers

:path: /wp-content/themes/assets/static/js/modernearthy-async.chunk.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-rq: hhn2 177 253 80
last-modified: Wed, 23 Jun 2021 21:06:38 GMT
server: nginx
age: 4146645
etag: W/"60d3a25e-133c"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1492
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 400ms
98ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1628655689037&plid=84839780&idsite=thenewsherald.com&url=https%3A%2F%2Fwww.thenewsherald.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thenewsherald.com%2F&sref=&sts=1628655689035&slts=0&title=The+News+Herald+%E2%80%93+Southgate%2C+MI+News%2C+Sports%2C+Weather+%26+Things+to+Do&date=Wed+Aug+11+2021+06%3A21%3A29+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=20630434&u=pid%3D27383655b34b848a781166ab2966de2b
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 11-Aug-2021 04:21:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 19ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=192784543&post=0&tz=-4&srv=www.thenewsherald.com&host=www.thenewsherald.com&ref=&fcp=1659&rand=0.9232128192924922
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 dab3e1c6f6e5e5becfbc3874c8063e64.jpg
www.thenewsherald.com/wp-content/uploads/2020/05/ 51 KB
51 KB 142ms
141ms Image
image/webp 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2020/05/dab3e1c6f6e5e5becfbc3874c8063e64.jpg?w=535
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: da78d141b0313472cd2fc65694ca14e6848c2999b681885f29de5a6b801942c6

Request headers

:path: /wp-content/uploads/2020/05/dab3e1c6f6e5e5becfbc3874c8063e64.jpg?w=535
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 109 195 443
last-modified: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx
etag: "46a3d65a15917c64"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 52224
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 NHS-L-VanFire00815-02-e1628647176554.jpg
www.thenewsherald.com/wp-content/uploads/2021/08/ 16 KB
16 KB 120ms
119ms Image
image/webp 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2021/08/NHS-L-VanFire00815-02-e1628647176554.jpg?w=370
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c32bd7b5f038fed72808e226c5900753132d469884c0533817e9c48328c8ef9

Request headers

:path: /wp-content/uploads/2021/08/NHS-L-VanFire00815-02-e1628647176554.jpg?w=370
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 109 32 443
last-modified: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx
etag: "dfd49df53a6668ca"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16202
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 0A10B8E9-46A5-41F5-A50F-12BDFC7279AB_1_201_a.jpg
www.thenewsherald.com/wp-content/uploads/2021/08/ 23 KB
23 KB 302ms
301ms Image
image/webp 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2021/08/0A10B8E9-46A5-41F5-A50F-12BDFC7279AB_1_201_a.jpg?w=323
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ee833de2d9680f7291a7d3d4e55ed18492d09bb3123b2e427676578d13aefb65

Request headers

:path: /wp-content/uploads/2021/08/0A10B8E9-46A5-41F5-A50F-12BDFC7279AB_1_201_a.jpg?w=323
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 109 139 443
last-modified: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx
etag: "75ec041fa165192e"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23902
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 NHS-L-KeepHopeAlive-0811-04.jpg
www.thenewsherald.com/wp-content/uploads/2021/08/ 5 KB
5 KB 29ms
28ms Image
image/webp 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2021/08/NHS-L-KeepHopeAlive-0811-04.jpg?w=323
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 372930d7d823798ce39df56c2644c2220c97c25413f91570e74ea03b36106617

Request headers

:path: /wp-content/uploads/2021/08/NHS-L-KeepHopeAlive-0811-04.jpg?w=323
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 109 198 443
last-modified: Tue, 10 Aug 2021 20:57:12 GMT
server: nginx
etag: "bbcf8ac2efdaca6f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5176
expires: Wed, 10 Aug 2022 20:57:12 GMT

GET
H2 200 NHS-L-JoshuaStevens-0811-01-e1628615925743.jpg
www.thenewsherald.com/wp-content/uploads/2021/08/ 10 KB
11 KB 29ms
28ms Image
image/webp 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/uploads/2021/08/NHS-L-JoshuaStevens-0811-01-e1628615925743.jpg?w=194
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e7792b8590d9e36bf7fcab8b4fafe6e08e7ed3d7e0761607af149f2ecdd49e9a

Request headers

:path: /wp-content/uploads/2021/08/NHS-L-JoshuaStevens-0811-01-e1628615925743.jpg?w=194
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 109 200 443
last-modified: Tue, 10 Aug 2021 18:21:46 GMT
server: nginx
etag: "65810d385d08bec9"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10682
expires: Wed, 10 Aug 2022 18:21:46 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
434 B 145ms
144ms XHR
text/plain 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.thenewsherald.com%2F

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.44.170 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-44-170.mrs52.r.cloudfront.net

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
via: 1.1 51f76c8cc795edfca51e07563f87887d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
x-amz-rid: 1XW780KN04J8RR214K6B
vary: Accept-Encoding
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.thenewsherald.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
x-amz-cf-id: zCNogBK2HOHEc3fpeDQOAHm7j7AiIWMstuzCYovn9lBbbZPfm7b0Fg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 153ms
152ms XHR
text/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.thenewsherald.com%2F&pid=8QzPniLy9Recr&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-SBB%22%2C%22s%22%3A%5B%22970x30%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22970x30%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube2_RRail_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3_RRail_lower%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3b_Flex%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube4_BottomLine%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube_Article%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-mobile_adhesion%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%2C%22728x90%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
via: 1.1 51f76c8cc795edfca51e07563f87887d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thenewsherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -jTQmWoCVvQGpjmXh_3ZWP10h__mtk78rOQ9crKzfihcsQ7zIOtcsA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 95ms
32ms XHR
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 68950
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Tue, 10 Aug 2021 09:12:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0ea0aa067bccec2bca8820a976e6164b.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: u2EISSyyx48K9PN4OB8qiTW0Dz_ubhzC91T7QkIBBmPRA-iWcRNU_A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2695
date: Wed, 11 Aug 2021 03:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 11 Aug 2021 05:36:34 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thenewsherald.com/ 50 KB
19 KB 37ms
37ms Script
application/javascript 52.84.254.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thenewsherald.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.254.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-254-59.mrs52.r.cloudfront.net
Software: nginx /
Resource Hash: 8e58de0f702f009e49520a5b938fd5d2c80d7c607a1639e1eb40b637f717d9f2

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: public
date: Tue, 10 Aug 2021 05:30:45 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 18:41:07 GMT
server: nginx
age: 82244
etag: W/"610adf43-c8b1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d3dc7fce70a4cf01f01f6bf06755098c.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: MRS52-P2
x-amz-cf-id: XYRvZmn_QOoiPyXz_9im7T2xzA72n4Um7R81_ih8yLZ0DtxeTHAhuQ==
expires: Wed, 11 Aug 2021 05:30:45 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 18 Aug 2021 04:21:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: ZugtERmFTIk0bmrDocw4Ow63r10M+Zwwk7kjP9M8ztQIRN9EpUtivls6/2kUpYSblJEmwKsKfSFdBM5TjMRibQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 11 Aug 2021 04:21:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dm.js Show response
tag.durationmedia.net/pubs/1000032/ 24 KB
8 KB 472ms
429ms Script
application/javascript 2600:9000:21a1:a600:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/pubs/1000032/dm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:a600:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdf2977c4059ef04b96a95516683080b5638115ff47f5c850babff2c3d8719ee

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: OGx9Ks9Yo4GlDO7KK.DejbMd.iVCvVNb
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 17:45:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "c051080b81c02655d16d2ded325fab9c"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 d2a533a811199647ab596e15f24c5cce.cloudfront.net (CloudFront)
cache-control: public,max-age=900
date: Wed, 11 Aug 2021 04:21:30 GMT
accept-ranges: bytes
content-length: 7815
x-amz-cf-id: fC6Yej4naCKY27-teee1HyK3hHGACePFc_6tMTR07ySX3bgxT5iMng==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7...

64 B
329 B

47ms
46ms

Image
image/gif

13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=https%3A%2F%2Fwww.thenewsherald.com%2F&c9=
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Y163RIAcbAUTnraDyHIk3KpDh951Ur-CFBhsZ3b3zp9DHD94iOhapQ==

Redirect headers

date: Wed, 11 Aug 2021 04:21:29 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1628655689135&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=https%3A%2F%2Fwww.thenewsherald.com%2F&c9=
content-length: 262
x-amz-cf-id: ZI_oQI-sG6RwX301wO2GUVegQxEE6dQC3PZ1Pa5OQ8nAvKt8G3c4Jg==

GET
H2 200 t Show response
jadserve.postrelease.com/ 18 KB
4 KB 441ms
241ms Script
text/javascript 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.thenewsherald.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: dc10a1d5400b43cc621aa1974366897dc89b74bf2b0b7be10c4d1767115f90b4

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 3318
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thenewsherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewsherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 close_54x54.png
www.thenewsherald.com/wp-content/client-mu-plugins/src/Ads/assets/img/ 1 KB
1 KB 29ms
29ms Image
image/png 192.0.66.168
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsherald.com/wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJyNj0sOwjAMRC+EsYDyWyDEUVLHKgYnqeJUKLcnqJt2x2o0mvcWg58RJJJOng3JDL1YwV4TvUGlzy5XtFKVt0HitgEbXBovw8BeHCsHjmVVRnWVMygPjup/etuWfSVRiuXHkEoLCBOMOg0SDS0TPryhM+MyvwipF2Vw/skmKcJ8oS33cNud9pdjd+6uhy96MV30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.168 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

:path: /wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png
pragma: no-cache
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.thenewsherald.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628655689035%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=27383655b34b848a781166ab2966de2b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628655689035}; ntvSession={}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thenewsherald.com
referer: https://www.thenewsherald.com/_static/??-eJyNj0sOwjAMRC+EsYDyWyDEUVLHKgYnqeJUKLcnqJt2x2o0mvcWg58RJJJOng3JDL1YwV4TvUGlzy5XtFKVt0HitgEbXBovw8BeHCsHjmVVRnWVMygPjup/etuWfSVRiuXHkEoLCBOMOg0SDS0TPryhM+MyvwipF2Vw/skmKcJ8oS33cNud9pdjd+6uhy96MV30
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thenewsherald.com/_static/??-eJyNj0sOwjAMRC+EsYDyWyDEUVLHKgYnqeJUKLcnqJt2x2o0mvcWg58RJJJOng3JDL1YwV4TvUGlzy5XtFKVt0HitgEbXBovw8BeHCsHjmVVRnWVMygPjup/etuWfSVRiuXHkEoLCBOMOg0SDS0TPryhM+MyvwipF2Vw/skmKcJ8oS33cNud9pdjd+6uhy96MV30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-rq: hhn2 177 253 80
last-modified: Mon, 21 Jun 2021 21:37:07 GMT
server: nginx
age: 4146645
etag: "60d10683-547"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351
expires: Thu, 11 Aug 2022 04:21:29 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 172 KB
23 KB 546ms
546ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=704745063681041&correlator=2914782596710989&output=ldjh&impl=fifs&eid=31062147%2C31062218%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210811&iu_parts=8013%2Cthenewsherald.com%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250%2C300x50%2C970x250%7C728x90%7C970x90%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C728x90&prev_scp=POS%3Dinterstitial%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube2_RRail_mid%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube3_RRail_lower%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3Dbottom_leaderboard%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_2%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_3%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_4%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2%7CPOS%3Dmobile_adhesion%26kv%3Dhome%26RPN%3D95%26rurl%3Dhttp%253A%252F%252Fwww.thenewsherald.com%252F%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628655689&dt=1628655689290&dlt=1628655687635&idt=1622&frm=20&biw=1600&bih=1200&oid=3&adxs=800%2C436%2C1138%2C1135%2C1135%2C436%2C1140%2C160%2C160%2C160%2C-12245933&adys=177%2C303%2C460%2C1839%2C3805%2C5920%2C17%2C1557%2C2471%2C3523%2C-12245933&adks=2427953683%2C3755794694%2C2137906733%2C2107375071%2C607022022%2C1281828211%2C2102088114%2C3035188092%2C2600197332%2C2600197333%2C3753559505&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thenewsherald.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x251%7C1280x251%7C304x1064%7C304x600%7C304x600%7C1280x5584%7C1300x50%7C1280x5584%7C1280x5584%7C1280x5584%7C728x0&msz=1x1%7C1280x250%7C300x600%7C304x600%7C304x600%7C1280x250%7C300x50%7C1280x250%7C1280x250%7C1280x250%7C0x0&ga_vid=64273941.1628655689&ga_sid=1628655689&ga_hid=420689093&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C132&ohw=1%2C1280%2C300%2C304%2C304%2C1280%2C300%2C1280%2C1280%2C1280%2C0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C0%7C4%7C5%7C6%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fc7ff7b3f77149dbf868ef6d63e91255c52334f3a7bc431478024fa6e2e271ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22422
x-xss-protection: 0
google-lineitem-id: -2,-2,4788924865,4788924865,-2,-2,-2,4788924865,4788924865,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138313334945,138313334690,-2,-2,-2,138313335122,138313334942,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thenewsherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85C6 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thenewsherald.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://www.thenewsherald.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 04:21:29 GMT
expires: Thu, 11 Aug 2022 04:21:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rules-p-BdLLmNP313cFc.js Show response
rules.quantcount.com/ 3 B
437 B 92ms
30ms Script
application/javascript 2600:9000:2175:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BdLLmNP313cFc.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2175:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:33:23 GMT
via: 1.1 51f76c8cc795edfca51e07563f87887d.cloudfront.net (CloudFront)
age: 3829
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:20:10 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: MRS52-P1
accept-ranges: bytes
x-amz-cf-id: HTembanzNUZ6AeEXWOCDB-F15wevNSnkGP_HtG9wFWoc-uUg7We_1A==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 11 Aug 2021 05:02:50 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 197ms
98ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1628655689340&plid=84839780&idsite=thenewsherald.com&url=https%3A%2F%2Fwww.thenewsherald.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thenewsherald.com%2F&sref=&sts=1628655689035&slts=0&title=The+News+Herald+%E2%80%93+Southgate%2C+MI+News%2C+Sports%2C+Weather+%26+Things+to+Do&date=Wed+Aug+11+2021+06%3A21%3A29+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=50707456&u=pid%3D27383655b34b848a781166ab2966de2b
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 11-Aug-2021 04:21:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=420689093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewsherald.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEAjAAAAAC~&jid=777896921&gjid=1719515409&cid=64273941.1628655689&tid=UA-61435456-21&_gid=1006963771.1628655689&_r=1&gtm=2wg891TLFP4R&cd2=thenewsherald.com&cd3=thenewsherald.com&cd9=no&cd10=home&cd11=5.8&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.thenewsherald.com%2F&cd24=home&cd25=MICHIGAN&cd27=Home&cd28=https%3A%2F%2Fwww.thenewsherald.com%2F&cd29=Home&cd30=&cd32=p-BdLLmNP313cFc&cd33=21CM.Michigan&cd34=true&cd35=&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36&cd51=&cd53=64273941.1628655689&z=569723024

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewsherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
467 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-61435456-21&cid=64273941.1628655689&jid=777896921&gjid=1719515409&_gid=1006963771.1628655689&_u=aChAAEAiAAAAAC~&z=413380513

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Aug 2021 04:21:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.thenewsherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 17ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-61435456-21&cid=64273941.1628655689&jid=777896921&_u=aChAAEAiAAAAAC~&z=1255071841

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 36ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-61435456-21&cid=64273941.1628655689&jid=777896921&_u=aChAAEAiAAAAAC~&z=1255071841

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=802513666;labels=21CM.Michigan;source=gtm;rf=0;a=p-BdLLmNP313cFc;url=https%3A%2F%2Fwww.thenewsherald.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1141246274-1628655689416;pbcn=u;pbc=;ns=0;ce=...
pixel.quantserve.com/ 35 B
371 B 12ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=802513666;labels=21CM.Michigan;source=gtm;rf=0;a=p-BdLLmNP313cFc;url=https%3A%2F%2Fwww.thenewsherald.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1141246274-1628655689416;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=thenewsherald.com;je=0;sr=1600x1200x24;dst=1;et=1628655689416;tzo=-120;ogl=type.website%2Ctitle.The%20News%20Herald%2Cdescription.Southgate%252C%20MI%20News%252C%20Sports%252C%20Weather%20%26%20Things%20to%20Do%2Csite_name.The%20News%20Herald%2Cimage.https%3A%2F%2Fwww%252Ethenewsherald%252Ecom%2Fwp-content%2Fuploads%2F2021%2F06%2Fnewsheraldfallback%252Ejpg%2Clocale.en_US%2Curl.https%3A%2F%2Fwww%252Ethenewsherald%252Ecom

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 77ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2b12dde062253510003fb9fe9f4405bf1983f053bb9c7709a239ceee4c261af6

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 10:15:57 GMT
server: nginx
etag: W/"6107c5dd-1d48a"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Aug 2021 04:21:29 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
332 B 66ms
25ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thenewsherald.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 144ms
47ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185707
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: bd71c54932f19cc3526e3fcd4a206829198029baa00638aa0629522a6661c4a5

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewsherald.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 10 Sep 2021 04:21:29 GMT

GET
H2 200 dm.js Show response
tag.durationmedia.net/sites/10499/ 108 KB
30 KB 408ms
408ms Script
application/javascript 2600:9000:21a1:a600:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/10499/dm.js
Requested by: Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/pubs/1000032/dm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:a600:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 558202c76fb39ef9e08d8d0e69a15108c8b3ba6f6d6c8ba13a076cd11c9735f0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: itJl718vv26m_295vFrl8tYU8l.kq4af
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 20:15:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "89c83bba839988c2e23369244aad83f0"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 d2a533a811199647ab596e15f24c5cce.cloudfront.net (CloudFront)
cache-control: public,max-age=900
date: Wed, 11 Aug 2021 04:21:30 GMT
accept-ranges: bytes
content-length: 30117
x-amz-cf-id: oiCKyFQvHWiTpJuREEvQ-9EG5y7q_-DY1yCoOv-CodUugvm-IaE0Rg==

GET
H/1.1 200
OK click-out-icon.css
s.ntv.io/css/ 618 B
1 KB 37ms
37ms Stylesheet
text/css 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/css/click-out-icon.css
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Last-Modified: Wed, 13 Sep 2017 22:37:26 GMT
Server: AmazonS3
x-amz-request-id: 880B72DFDE73E1A1
ETag: "43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 618
x-amz-id-2: oJuMSYYTkoOSfPRAwKWeUHSB/I4XdenD8NLhFAx/kTATfZPgnOYWZme29G+bjHzZ0WiWyUBL9lM=

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewsherald.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:35:32 GMT
x-content-type-options: nosniff
age: 107157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 22:35:32 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
25 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewsherald.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 13:05:58 GMT
x-content-type-options: nosniff
age: 54931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 13:05:58 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 114ms
36ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=14342
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17491
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H/1.1 200
OK 0D69413BFDBA4A01B3E0EC14DA2032C6.jpeg
ntvcld-a.akamaihd.net/image/upload/w_300,h_200,c_pad,f_auto/assets/ 39 KB
39 KB 125ms
49ms Image
image/png 2.16.107.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/upload/w_300,h_200,c_pad,f_auto/assets/0D69413BFDBA4A01B3E0EC14DA2032C6.jpeg
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-122.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8eabf05770287f769527d8c263e665f52e6705be1b0fc850ec139cec883b8145

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
X-Check-Cacheable: YES
X-Serial: 967
ETag: "993b0a008d279efd65dbc42ac1379d85"
Content-Type: image/png
Cache-Control: private, no-transform, max-age=2126374
Last-Modified: Fri, 09 Jul 2021 19:00:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 39596
Server: Akamai Image Manager
Expires: Sat, 04 Sep 2021 19:01:03 GMT

GET
H/1.1 200
OK 42A6AD92ADFD4A50B668D2C6E7CF03D4.png
ntvcld-a.akamaihd.net/image/upload/w_60,h_30,c_fit,f_auto,fl_lossy,e_sharpen:70/assets/ 1 KB
2 KB 107ms
31ms Image
image/png 2.16.107.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/upload/w_60,h_30,c_fit,f_auto,fl_lossy,e_sharpen:70/assets/42A6AD92ADFD4A50B668D2C6E7CF03D4.png
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-122.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1b6a77e9c9a7cc90685d523055d3df7ea756b7e091454c6b6cfd195020f4da78

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Last-Modified: Thu, 05 Aug 2021 18:02:02 GMT
Server: Akamai Image Manager
ETag: "153864ff0662b1b6e71f15617f8a760b"
Content-Type: image/png
Cache-Control: private, no-transform, max-age=262804
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1421
Expires: Sat, 14 Aug 2021 05:21:33 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 104ms
101ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=405c3b78-a242-4f18-85ff-1437f87618f4&ntv_a=gtMGAjtNNATboQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWU51oihjJvbHx5SO_mrHcccmUJcMsjlJ3rCSVXVTTSg03UCpAkpuUrn4CF8_6hEQTsMdwJHaBL4toQb1_7bU3QxRNvjvkcIwZkv0tvH-cT08&ord=1358490124&ntv_ht=SVATYQA&ntv_tad=16&ntv_it
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 103ms
100ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=405c3b78-a242-4f18-85ff-1437f87618f4&ntv_fl=CF4se3gYGjAPzQcMJoAeWU51oihjJvbHx5SO_mrHcccmUJcMsjlJ3rCSVXVTTSg03UCpAkpuUrn4CF8_6hEQTsMdwJHaBL4toQb1_7bU3QxRNvjvkcIwZkv0tvH-cT08&ntv_ht=SVATYQA&ntv_at=321,322,333&ntv_a=AAAAAAAAAATboQA&ntv_jlt=1962&ntv_jad=458&ntv_jte=16&ntv_it
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 104ms
102ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9fa19996-ade3-4003-b7df-585814cbc07a&ntv_fl=CF4se3gYGjAPzQcMJoAeWRblcKelHk30A57G2j64Jae_olk9msATJH_keT6-4xNjuFtpH0WWBICjDqjPf212kGLn0hvSDwG9zIZYAjZHnWmkOtnvmz8t_BXT-Hpm-3EU&ntv_ht=SVATYQA&ntv_at=303&ntv_a=AAAAAAAAAATroQA&ord=1628655689736&ntv_dpl=1009,1011,1028,1050,1003,1019,101951,1006,1007&ntv_it
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 104ms
102ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1096269&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:29 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK click-out-icon.ttf
s.ntv.io/font/ 1 KB
2 KB 110ms
37ms Font
application/octet-stream 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Origin: https://www.thenewsherald.com
Referer: https://s.ntv.io/css/click-out-icon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 04:21:29 GMT
Last-Modified: Tue, 04 Oct 2016 00:20:40 GMT
Server: AmazonS3
x-amz-request-id: AC8FC5A61A32D72F
ETag: "f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1092
x-amz-id-2: HpmlO9jp42YcpH/ytKgJ6y3WOr8NGe0HL5xeSJfJ9rdt9gQvyYNLG9CGGlqG2AwyIUAjwpZku7A=

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4AC 0
0 41ms
40ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGqSEqaZCdAJrgIfbqnl9GMMdEsvdp4HFwXBLwPBg6X40foqpvdp7e7eoRHcJIewKBpxQfTFXnwPSkh0o59viAjTNOKrVicUklzz_ZvDmNDBxrDsuftGiNZw0wXN2qYXHxwnF0V1fRnR-XiHJ2m-d18WoNEGa9DsimUMxZA5lae8jDSxKF7oaY_XN7NhcIn1B2qM2-Q70XQVyNYXoCEk_d1pk6STaiODrbOBpS__Itt-qpR1lP5_BVrmWgwVOF6Y7k8cP8IfDbdgb-0X_tiz7RbjtYjC2UHZM4SUDbci0ol8a_KedDrvZRvuZb5J_SuCayAQx6UuBMzg&sai=AMfl-YRykA0C4sARjsnHbW8fWK99XQyFIbtRljd9IqL-On7Gs5EMmIVbtoDpiL6gWbu8-lL6HRrv0GKvmwOLKwWE5el6AOgIRydIBxk8TnSeXztyqXXuRFuz4sWTX3rA_2I&sig=Cg0ArKJSzG5Rw-RpgbRhEAE&adurl=

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame D4AC 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:02:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame D4AC 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:25:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4AC 124 KB
37 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H2 200 10909995965095651102
tpc.googlesyndication.com/simgad/ Frame D4AC 87 KB
87 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10909995965095651102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77eed0056cd7e2c43bfc9c23198628c4a0a396807feb3e97e6b8958d4e25aec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:55:44 GMT
x-content-type-options: nosniff
age: 123945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89256
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:22:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:55:44 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DE7 0
0 41ms
40ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjx225rZi1oqHAqbhtkarb6CN7zB2tba6SfX8UPvk9DAmxCtNEt3nDg0MDk78LZ4394lTD4b4L4Pfij3SIqXuJON7v5EKDaaHTom9gJ14nCSzZ_NYzUSRiG25cZ7taj4pa7T7OHZYAPe5_qyr8ndt2Ykg2zYO_-qWDjjppZ3v4mAb6nU3j9GqRsRpa8AhssrKXivvLHIG62APFFIiVnRH0_WvYLMgeL2RQjo_ekQFQJd0I2f04Ldn9I0HCR71iR2TQyPvHnWEKx8yNceyuBn0RhO7iJz2kldpMePP9kIZvxa_tBAPXXBC3pG8vkP6AvObXaPsY2S8CDg&sai=AMfl-YS6rheOcoUH0dpI_nTFeqvZVqJwcBbgAqjN0dscMX9bOogUUM6ELzpqruj3FJbM_C1BuctiCfrd9-P3EPtb8o0xkcIy3pOuV6EY9zng8EgyZHBJZx3GKZ75ni_pnbE&sig=Cg0ArKJSzPcdMLceSFNpEAE&adurl=

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 8DE7 18 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:24:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8DE7 2 KB
1 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:26:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DE7 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8DE7 0
0 31ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT06M88_rr0liPTyuhQLRnRUnCqoosvI8a-0O6YXsv_j7PafdrRt57xUEU1dP_xSwKD80Lr
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 6780118929543340433
tpc.googlesyndication.com/simgad/ Frame 8DE7 94 KB
94 KB 26ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6780118929543340433

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

825fc3f452eb981db8536fd1d68e1fc83a362462f09b248666f4a4ea69972bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:17:36 GMT
x-content-type-options: nosniff
age: 97433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96550
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:23:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:17:36 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8216 0
0 39ms
39ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM7GD_zCSq_flt_t9AjXgyTtpAl69humPXwQzIeRggZFkFo0XBZLs1yoWdS2n4Wb8da_bcqmMDe-r9tn3NMBkjieiub0aQYB21OA-comt-gIttEQ6HVAvIFj8qjQ-O-ey8YnehGPu9mYPm4OLfMrpOhnLBzPJNnVODfpKsFg6Tv4KaeHG63tmcR_Zt7XokHhbK4jOBId1vNrgnVEaatWpi1dbP-VA_7g11cq8eJHW8KIwTVlKXH5deN983VNF0HSY88OhJ0etZN4zJW_bdBHjoUGU_JCVyPKX4FbYD0uQGNseX-hqxVzCypUWBOmfrbVYh3bprpvMoMA&sai=AMfl-YQraSpci6KyPVm3ea2vrYZfeNFOLrK-RpCxvbEGsRXri9VS6BkWq48WeUITXssgnLo0AXvkDJQQOqzPr792dTcIUQTJyrQAb9ZbnLMpFe6_a6xG_dF-gKyiEpfOhpI&sig=Cg0ArKJSzOrMZvWK9EjLEAE&adurl=

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 8216 18 KB
7 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:24:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8216 2 KB
1 KB 37ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:26:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8216 124 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8216 0
0 25ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO-GnBZbYu4FaWV3XDIo-gTUrnsFbB9287zqb81GWqNmvlyV-823vFWDUIfOBhM8e0PywB
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 18310848917609845678
tpc.googlesyndication.com/simgad/ Frame 8216 68 KB
68 KB 22ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18310848917609845678

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814aeb7e502572c5bd7a51b23b2e6a71c86cffb040621c4fa7dfe11f4a9d4499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:52:28 GMT
x-content-type-options: nosniff
age: 98941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69583
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:23:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:52:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE7 0
0 40ms
40ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBADVme3rs_Oljez7VE7UIx9jXmN4Gbpl25j2WPYNSNhB0Bw9fK-8SnEmP82O7QvX8wdDv2pWsNamUepLKgYKl_OkQPEDGL3qij2tJz5cWX0G4vGNlIzyYEk3jyrn-Yt6zWGZFcbxUVB1QJvALDa33aNq4zsn42I4miEIiDYJQHFGpm1Ipgc6B7uV2MBQMbHEgr09CRnkpUfaPO-uOi0nvRXsmqGYbnoLxDHuSVlL4s_qaXiuv2ZtF-aTPUb0epB89j66AsYcGyG6xKzJzqPd4RifSxkrIsyzcAVr_t0ZYUvtRdQrM-HGxHOXDQMMtT7WfzOxcOZ6Fvg&sai=AMfl-YSBH8o5-WM792OUBF-EqsnWrXgOBc473MBw5GkN1xDP_KfF7qcX496jigw6KUdkPa1gH6icX0OeP0NuHHIMiX3Y6i8WBfB4utp2D4vsVScBeIKdFH2VDN03NzMc59Y&sig=Cg0ArKJSzMJsAp06mO8UEAE&adurl=

Requested by

Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame CCE7 18 KB
7 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:24:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame CCE7 2 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 03:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 03:26:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCE7 124 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:29 GMT

GET
H3-29 200 13114808219695817509
tpc.googlesyndication.com/simgad/ Frame CCE7 77 KB
77 KB 21ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13114808219695817509

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924f3221554318faf7221fbc332dc6ba0e2812e37e75873a55f492a50f6cb07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 09:08:55 GMT
x-content-type-options: nosniff
age: 69154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79108
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:22:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Wed, 10 Aug 2022 09:08:55 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4AC 0
0 76ms
40ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBt-FErSdDQmmQTGEMoxvCCdkEvHq6T69jiMbWcdWyRQBb6yo5MuRoj5VyzYY1GuIwB_8MMQumNKkS05dpKaiMWxoo5ZO0neXATnr0PlkBtTk6ctUZl3RzqPT77KO7R7Aew4ouuydIO3uhlHPmBfPeA0kGEolALus1saus4Fk6SWbmmbJWQ2Xe30pSMgGLFkGlNKum-ayZEVeQydaH8EbZ111IfRNvgesHRL04O8o3WCBKnn1LC5tlzAdxH9YPMjeyq_GFRtTiPgdsAsJz9G0A7HO1vVQ9xuJrpn1_6rAYkEBo2TTd17v6P9obrgksXtcLRUUOFFn-bkxA&sai=AMfl-YSWsz9CQgDzvPxVPW1d45EhFpthe-lIIKjSxpuIhVBfVRZHcjxnkGmc0Bp7wHxNyZJSjmrxy-4anl2fbPHsL-Wh8potfPheREg5lm8VvbhfuwDKMTEMrDxSioGAYIo&sig=Cg0ArKJSzJAjsQgzj2pwEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:30 GMT

GET
DATA 200
OK truncated
/ Frame D4AC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f3020cd9a0dd2ebbe9ad9942b59596137baec85e90e56c4fcbc48a69557bff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14342 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 321 B
612 B 399ms
398ms Script
application/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/14342?t=202171164
Requested by: Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9f5b7a9076a919ad9128bf694e00592271c49929ca0e60434eb7f66c64a8c539

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: rsQygLPKu05hF_J0tFftyopNnqEWimZb
last-modified: Wed, 11 Aug 2021 04:16:52 GMT
server: AmazonS3
x-amz-request-id: 7EYYWS9134PQDEC6
etag: "0d53a4f83f0b1676310e842af4c79209"
content-type: application/octet-stream
date: Wed, 11 Aug 2021 04:21:30 GMT
accept-ranges: bytes
content-length: 321
x-amz-id-2: HYEh8T0pVrHGLs0DZnfFsfYgGiDXFpxXZhttlPPfNgWycNvZzCN8xsAJLxFyIpza0a+tYe5ed5I=

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DE7 0
0 39ms
39ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv646j9Em40Eq7TyHmVawDp60RkW8Rej2bPfuovH4SEWKP4hC4iHMjfn9-lUYU_xTTfaUvkIFqqMZS-GK_fVNXZDVjM7zPz3vjkiyIRrS9_yv5evJFzblIQ_zIeCw4l4zXS1Zh74M8d6jMuigO67TL4JiGqcjvKW5F_fV6wlWLYXXOS05Y3Ga9mgtVhqkbVcFvI0iPKGIzaSEUokoVH8K7VLCHnHfZLnk05Y2ys8KANwhz37txoRn3nUE4TRXwkNNqFeRSy0J_PwJdUKNhVhoCaQpAO_qpb9Ef6MsbFZHkwZsScu20fsuZyXwy8ODnoxdE0Dfp8M4G92uZw&sai=AMfl-YS2i_zsA2PqtXZR0Aw0Uct6gQ17X27Dlo_x-CIksvlOl5i9j4wJ2wvs6uY5s0Kxq5TpUEje9t-wMF7nFq0eZYTCqeqZ5iPRRptdUB3ipBaVrSsC1dhDzgVgR_v8PUs&sig=Cg0ArKJSzAl392wBP4vFEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:30 GMT

GET
DATA 200
OK truncated
/ Frame 8DE7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f72170a79eab16e31a8e0673ab97dac81aca7a28ebd56fbd5980376893c78e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8216 0
0 41ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudPiYVwP2bKjz00-ZMcmJRdILLO_IIAYpNvp5-FbD5WPcltT76Evmr6aqIt8UoqYPCXYPiK8sqOZXA1tXmpDm41430fO_9aHN0n7IlBtgEgGOpTHCWC5Pu05hQwpJfuKIdsuvKelf-theVj7xQmONBY3LM2AcE_0Z3UDwPB2jwHIBVOvZc4s2TFMEzat_S4_cf-AsAdEUTJ0UgJ5NUlRcRqgg4-0bXeOPBvXlgSczJc61P5nH9HmqbucqDoaMJ_JceNHDESCsxm8OII_LSBR2rXHODv5gE05trmnsaMYpXds8GVUbdFZWghAqbId40wkUpnxUvl0KBBWHu&sai=AMfl-YTaIKWuy-UUfd5pqv9R9kP75zsyNUSJDywB-0BYy_k0QSGgeiaITv4PdclXeO6dBEu9Yon-w_KtlRUHsL2HdVPCGJnorJYAXlcU0vqXyuDJvC1gAs_lYSb-6iYB9NY&sig=Cg0ArKJSzAkbXqC2VxmUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:30 GMT

GET
DATA 200
OK truncated
/ Frame 8216 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e859918f11d65e8878b930ef13c150ef714a433861784dffe31057fb866fc5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE7 0
0 41ms
40ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpD7MM96Lz74PeKO7ZPUjk3OF10nBT0cEVzKUtPP5qVZFK3uaIYUV5ZBzlDeiJu4BS09mQ-viuFM90GwUaU_vBS8HBLbg57V06242TI72okeLTR0fxOjXgSHhP7S19hTftFJ5WCsDNvQYmYh-H941E9wjPHwY_qY_cUKVjjqzfSKjGCMnjr6t-yVQxgeRgWsg96yw6UEolPLVGJOTcxo_yoBMnEeW0WIlGArn5i-0tDb9WpCgqlHDVsE3JeFwj1jC-lqCNNv_pu94HnZlGISZ7_PrXABqVPLYA0JawXDA1jFAONgRP3_8fyEdd9cCEySSbbEqkFOHfvyyP&sai=AMfl-YTd4vl5rmpg0THln9TK7czb4YBGuRDqgoyZFhSwf7HFuDrAOVj2qTOph3Fgs-BtG_D-8yff2-rHTBMcW-fzKMOqo1yexErKE_izjSTrtpWSscZehtpRcMv6vQEGWGc&sig=Cg0ArKJSzBSS_ISxRH1sEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 04:21:30 GMT

GET
DATA 200
OK truncated
/ Frame CCE7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 808f1e99d72536527e3026b9389c2373d5d99be820e0894eae69b8cade086519

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 scriptloaded Show response
be.durationmedia.net/ 61 B
673 B 415ms
100ms Fetch
application/json 54.209.104.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=10499

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10499/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.104.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-104-184.compute-1.amazonaws.com

Software

Resource Hash

9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 04:21:30 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thenewsherald.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 61
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 scriptloaded Show response
be.durationmedia.net/ 61 B
692 B 418ms
102ms Fetch
application/json 54.209.104.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=10499

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10499/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.104.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-104-184.compute-1.amazonaws.com

Software

Resource Hash

9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 04:21:30 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thenewsherald.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D4AC 42 B
518 B 35ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujK4k8nz1VTNidxNEmygbrCuMgTWG-Jl0CR2kvwgntPG_PNmIgUM5xvhwgRgQajIuYO2Miu3piACVIOTq8Ci2JaZb7ZZfqm4BOB6sHr1VvnizRYuBG&sig=Cg0ArKJSzOhdzQ4Xn0Z6EAE&id=lidar2&mcvt=1000&p=185,1138,435,1438&asp=185,1138,435,1438&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210809&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2137906733&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628655689862&rpt=123&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 lb Show response
be.durationmedia.net/ 0
579 B 99ms
99ms Fetch 54.209.104.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/lb?s=10499&t=SD&c=4

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10499/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.104.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-104-184.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 04:21:33 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Origin: https://www.thenewsherald.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 200 sponsorships Show response
be.durationmedia.net/ 498 B
1 KB 115ms
115ms Fetch
application/json 54.209.104.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/sponsorships

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10499/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.104.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-104-184.compute-1.amazonaws.com

Software

Resource Hash

5312873f712943dcf82c844d47b19f59fdb2b504dc5a9247b8a474a5a00c1149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 04:21:33 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thenewsherald.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 498
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200 sponsorships
be.durationmedia.net/ Frame 0
0 99ms
99ms Preflight 54.209.104.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/sponsorships

Protocol

HTTP/1.1

Server

54.209.104.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-104-184.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thenewsherald.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.thenewsherald.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Date: Wed, 11 Aug 2021 04:21:32 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Content-Length: 0
Connection: keep-alive

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1AEE 11 KB
5 KB 74ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thenewsherald.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.thenewsherald.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thenewsherald.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://www.thenewsherald.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2418
set-cookie: uid=a4dc1a53-cb67-415e-99ba-de8a6d50c502; expires=Mon, 05 Sep 2022 04:21:52 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 11 Aug 2021 04:21:52 GMT
content-length: 4666

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b0af59ac41057ec2c679936cd98a9406baf9481376f275dab23440238ff6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8651
x-xss-protection: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035443/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

40ms
40ms

Script
application/javascript

13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:09:33 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: -Vwxrrsi7IVSsiz_48GE5U7UL5HT2-lGGI1QZydzvFoXg6Nimh878w==

Redirect headers

date: Wed, 11 Aug 2021 04:21:53 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 0ODJvnzJd0dm6ZPiq-GK1ljx3ltmm4nTzHPGa3FBbs4IYxxHFrAlLw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 11 Aug 2021 04:21:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2C4C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thenewsherald.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://www.thenewsherald.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 10 Aug 2021 15:01:28 GMT
expires: Wed, 10 Aug 2022 15:01:28 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2C9 783 B
531 B 23ms
23ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47c59be02a06c3dbd2529680af94fede7d4d8fabab4be1a03f734a882ac25c84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NeBIHVPK7oJfXcbzFKykkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thenewsherald.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://www.thenewsherald.com/

Response headers

expires: Wed, 11 Aug 2021 04:21:53 GMT
date: Wed, 11 Aug 2021 04:21:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NeBIHVPK7oJfXcbzFKykkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C4C 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 14:40:58 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1AEE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=thenewsherald.com&sn=ChromeSyncframe&so=0&topUrl=www.thenewsherald.com&cw=1
https://mug.criteo.com/sid?cpp=F1pUw3xiT1A5cDl3ZjlnVlgzVHYvZEMzWTdiT1ZmUER3MldsRUFCYjlLUktRZ1VxQVZhWTlIQWdwcXBuUklBTTZybUFuVkhNd1lRS1RCeWlMUXNnMUk3KzZ1Qkd2ZDI5Y3NxOWFjc0taZDJLQmQrZnRROUpNYXZPU09yV3...

441 B
625 B

112ms
36ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F1pUw3xiT1A5cDl3ZjlnVlgzVHYvZEMzWTdiT1ZmUER3MldsRUFCYjlLUktRZ1VxQVZhWTlIQWdwcXBuUklBTTZybUFuVkhNd1lRS1RCeWlMUXNnMUk3KzZ1Qkd2ZDI5Y3NxOWFjc0taZDJLQmQrZnRROUpNYXZPU09yV3lQN1BaOE5KbkhIbU1aR1FJUGZaOGZuRkVEVnVUYmdpbVd3TTR0S2RXaW8vVHgxdWFYOXlOSlJPUUNrMDBtWk81YVRlMS9aSS8wbGxlK3pQMHNxL3IrcllXaTc1YkVDbklqZm93TUF1d3g3ZnRLY2g4Nm9helh2clAzS2l4V1B6QlM3d1dEY2owZi9CTXNNdWxaSGowOFh4c0pZQVkydz09fA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

bb9c0f1a1d640d2c7819dd0b1795ee7ef9caf9e592612da180c68d1e02831734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 11 Aug 2021 04:21:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2925
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 11 Aug 2021 04:21:53 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=F1pUw3xiT1A5cDl3ZjlnVlgzVHYvZEMzWTdiT1ZmUER3MldsRUFCYjlLUktRZ1VxQVZhWTlIQWdwcXBuUklBTTZybUFuVkhNd1lRS1RCeWlMUXNnMUk3KzZ1Qkd2ZDI5Y3NxOWFjc0taZDJLQmQrZnRROUpNYXZPU09yV3lQN1BaOE5KbkhIbU1aR1FJUGZaOGZuRkVEVnVUYmdpbVd3TTR0S2RXaW8vVHgxdWFYOXlOSlJPUUNrMDBtWk81YVRlMS9aSS8wbGxlK3pQMHNxL3IrcllXaTc1YkVDbklqZm93TUF1d3g3ZnRLY2g4Nm9helh2clAzS2l4V1B6QlM3d1dEY2owZi9CTXNNdWxaSGowOFh4c0pZQVkydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1692
content-length: 541
expires: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080501&jk=704745063681041&bg=!Tk2lTQnNAAbOj6irzo87ACkAdvg8Wghyzb74sMMMDBwYN-yp771_nmJjQW8aWbNu3bY68lEcE3L-ugIAAABEUgAAAAloAQcKAD8bECM87i7Bstbx3iPJ5-BYXpXmKyAXcEr-BFnA-t4UDpNhhEqN10zclAUgggDfCNdAIBOz0LzUrEj0KQWxsuWZAnfceBczaftu1bpKcRAs1tgU5s0imPK8rbwcOZF4zgLGNwBCsOD6luaeZBDpP9KlkDeAgcwb_lw6fTpwsTwX6jvfxV-s40lfnV2TqIGu1aq6ExhAJm8N5izn3mHAVeJaOPJ9HOwiPT1q-UM__DXul4kh_KDJ41KikD7vxISjwvpc4nC8kIRk-rnpNnA65Xr6QjW6rSWgNL0pvSfMf1fACo5KmZRx0pPqRVzTivQQMF1FM-20D03NJ1ZEbC8PxinmuaDyhAaapjqnSqGM_N4hU7CkQIF65oB8V8HMRrxw9TQi3cRvzC3sIvDE3ibEV-CmVDgXo8GzzKLTOXL02ecqF76a6zCG--OP8_3S5hIgkmX3tlsxACyFyBhjY2XFO4j-iAzsrr1H_oY1eLMyjJhEvs6goiAujpLQJmkjnYwxeyHaBd7oLknxKRVH3pojoyFrgOBJaGy6e-R4ZULQ3bLuPowMa6cJ93D6Yf3S2UvXvwgRk2bu8qEKAOIo1OoVUke9tLc6hNktVKQa41R6iL_Ie_x_aZ2YwlMTzRoMkle900MqkHTc9UqJMTzNNY6Olbrv3EB70nX-4cFWrOJA2s1PLUEn6GY9LlQnYqgS50ByTNyeo8j9Tcy73-Nn3M5xQ1TE0oIcRX3DRpnr7s1gj-Js8Qnr8cSOlqCV5LyX6hLd0SS2bLCsIRSE_LDnNJM-C7qokVwUk0dGQMQaGjXBrImUIqCYtWNl-ortoJmGjK-aMfqT66ZgmWoTzoux3dZED0cUSqSAvN7jLyJrRHJHFuNdWWpZKQEb2jr36LR2ujaLDjmkmDUNWp_SRFoyi_MMYHxM2vCzNa9CQa3m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewsherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 04:21:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: marketplace.digitalfirstmedia.com
URL: https://marketplace.digitalfirstmedia.com/promos/wordpress.asp?nid=20

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Invalid PixelID: null.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2journal.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.rlcdn.com
be.durationmedia.net
c.amazon-adsystem.com
cdn.p-n.io
cdn.parsely.com
cmp.osano.com
connect.facebook.net
d8730240078d0337c723f8c64d8f17d9.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
jadserve.postrelease.com
js-sec.indexww.com
marketplace.digitalfirstmedia.com
match.adsrvr.org
mug.criteo.com
ntvcld-a.akamaihd.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.wp.com
prodmg2.blob.core.windows.net
rules.quantcount.com
s-jsonp.moatads.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
tag.durationmedia.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.thenewsherald.com
z.moatads.com
marketplace.digitalfirstmedia.com
13.224.96.53
13.82.152.48
142.250.186.130
178.250.2.146
18.214.172.53
192.0.66.168
192.0.76.3
2.16.107.122
2.18.234.163
2.18.234.21
2.18.235.40
2600:9000:211e:f400:3:b7e:8940:93a1
2600:9000:2175:8a00:6:44e3:f8c0:93a1
2600:9000:21a1:a600:10:ce97:9fc0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9c
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
34.120.133.55
52.84.254.59
52.84.44.170
54.144.144.142
54.209.104.184
76.223.111.131
96.45.83.7
99.86.4.81
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
13a6caa9ee89b65ebef98247e903d299280c1d32eda5785a95d5fae0ff56f91a
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
185af343fe43fa051254ebb9a1cccfbeef76d9641fc62da7f047d55a085ecea1
1994c60967493250d994f00dac0d8fa3b6ac442a090bc147691e0ce948f5b26c
1b6a77e9c9a7cc90685d523055d3df7ea756b7e091454c6b6cfd195020f4da78
1b748b68db03e4ea32ffda55c871e9066f416ce13e1841f109171677a996802b
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
1f3020cd9a0dd2ebbe9ad9942b59596137baec85e90e56c4fcbc48a69557bff1
2b12dde062253510003fb9fe9f4405bf1983f053bb9c7709a239ceee4c261af6
372930d7d823798ce39df56c2644c2220c97c25413f91570e74ea03b36106617
3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
3cc60560fce1a83f47edff6103dcb11c53d6d3cf57a41d11c6d352f88b9f61a2
3f72170a79eab16e31a8e0673ab97dac81aca7a28ebd56fbd5980376893c78e2
40b0af59ac41057ec2c679936cd98a9406baf9481376f275dab23440238ff6dc
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4362beb9c95b7eea7208a013293a5a210bba089fe41f3b157a81ab94682f618a
47c59be02a06c3dbd2529680af94fede7d4d8fabab4be1a03f734a882ac25c84
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5312873f712943dcf82c844d47b19f59fdb2b504dc5a9247b8a474a5a00c1149
558202c76fb39ef9e08d8d0e69a15108c8b3ba6f6d6c8ba13a076cd11c9735f0
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5dfbbbdb34bba4d26aa6997dca6eb32bb14418f105dd58172df84b3d6580c8f9
7313338c143c8ddd48d725ff90906bcaa655f492f1d60f3418970481c68ff338
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
77eed0056cd7e2c43bfc9c23198628c4a0a396807feb3e97e6b8958d4e25aec1
808f1e99d72536527e3026b9389c2373d5d99be820e0894eae69b8cade086519
814aeb7e502572c5bd7a51b23b2e6a71c86cffb040621c4fa7dfe11f4a9d4499
825fc3f452eb981db8536fd1d68e1fc83a362462f09b248666f4a4ea69972bb3
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
8e58de0f702f009e49520a5b938fd5d2c80d7c607a1639e1eb40b637f717d9f2
8eabf05770287f769527d8c263e665f52e6705be1b0fc850ec139cec883b8145
924f3221554318faf7221fbc332dc6ba0e2812e37e75873a55f492a50f6cb07c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
99ff0f06144001dc0b81b59a9c58560585a9567ebde6e9f465fab855929263e3
9c32bd7b5f038fed72808e226c5900753132d469884c0533817e9c48328c8ef9
9dd097769c6b71f1957d8d36b5a19c52e12f23fab71c5f7dda3551bfd1a32014
9e859918f11d65e8878b930ef13c150ef714a433861784dffe31057fb866fc5a
9f5b7a9076a919ad9128bf694e00592271c49929ca0e60434eb7f66c64a8c539
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab3e8e0a96f1443da691215a577c803ff484fae50d0ffdb07934fb9a1d0f0a08
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811
af67e6d6566ed18d58231218b42e4c563d550f4cba2fdcb8351e221d020057af
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb9c0f1a1d640d2c7819dd0b1795ee7ef9caf9e592612da180c68d1e02831734
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bd71c54932f19cc3526e3fcd4a206829198029baa00638aa0629522a6661c4a5
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d291e19bc493b58f49dd2322bd5e7b4a381ddb12db0400b1090db28b1a58681d
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da78d141b0313472cd2fc65694ca14e6848c2999b681885f29de5a6b801942c6
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dc10a1d5400b43cc621aa1974366897dc89b74bf2b0b7be10c4d1767115f90b4
dd8500332bf3704965f6a75ebaf2a3c401d9e9b87c3c18c5c50615884d194c36
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2c695c464e7b164a6e4a7d0fb695b615d947828135114fe1d1ef8acd82d3ee1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495b3895c84a5a975d1dd28e402554288ba25172ac0bf57aa577eac8b3cf79d
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7792b8590d9e36bf7fcab8b4fafe6e08e7ed3d7e0761607af149f2ecdd49e9a
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ee833de2d9680f7291a7d3d4e55ed18492d09bb3123b2e427676578d13aefb65
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc7ff7b3f77149dbf868ef6d63e91255c52334f3a7bc431478024fa6e2e271ab
fdf2977c4059ef04b96a95516683080b5638115ff47f5c850babff2c3d8719ee

www.thenewsherald.com Open in urlscan Pro 192.0.66.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

99 %HTTPS

50 %IPv6

32 Domains

44 Subdomains

38 IPs

4 Countries

2335 kBTransfer

5878 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thenewsherald.com Open in urlscan Pro
192.0.66.168 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

99 %
HTTPS

50 %
IPv6

32
Domains

44
Subdomains

38
IPs

4
Countries

2335 kB
Transfer

5878 kB
Size

0
Cookies

119 HTTP transactions
5 data transactions