Submitted URL: http://ypsilanticourier.com/
Effective URL: https://www.thenewsherald.com/
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 32 IPs in 4 countries across 31 domains to perform 116 HTTP transactions. The main IP is 192.0.66.168, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.thenewsherald.com. The Cisco Umbrella rank of the primary domain is 403704.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time www.thenewsherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.45.82.64 16552 (TIGGEE)
1 25 192.0.66.168 2635 (AUTOMATTIC)
2 18.66.15.43 16509 (AMAZON-02)
3 18.66.108.49 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.105.49 16509 (AMAZON-02)
2 99.86.240.124 16509 (AMAZON-02)
7 108.138.17.41 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
1 20.60.62.4 8075 (MICROSOFT...)
1 13.32.2.61 16509 (AMAZON-02)
1 2.18.234.163 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:2800:133... 15133 (EDGECAST)
1 2a04:4e42:e00... 54113 (FASTLY)
3 34.209.101.105 16509 (AMAZON-02)
2 3.229.174.180 14618 (AMAZON-AES)
2 52.28.169.33 16509 (AMAZON-02)
1 10 35.239.25.228 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.224.189.41 16509 (AMAZON-02)
1 13.32.121.37 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.240.84 16509 (AMAZON-02)
15 2606:2800:233... 15133 (EDGECAST)
4 13.85.16.224 8075 (MICROSOFT...)
2 52.217.77.132 16509 (AMAZON-02)
2 13.69.106.208 8075 (MICROSOFT...)
1 104.26.5.15 13335 (CLOUDFLAR...)
116 32
Apex Domain
Subdomains
Transfer
32 thenewsherald.com
www.thenewsherald.com — Cisco Umbrella Rank: 403704
z618.thenewsherald.com — Cisco Umbrella Rank: 807362
543 KB
12 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 31380
210 KB
9 medianewsgroup.com
marketplace.medianewsgroup.com — Cisco Umbrella Rank: 239426
42 KB
4 azurewebsites.net
prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 59257
89 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4825
k.p-n.io — Cisco Umbrella Rank: 3041
52 KB
3 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26446
fp-cdn.azureedge.net — Cisco Umbrella Rank: 42543
g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 41955
238 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
240 KB
3 denverpost.com
session.denverpost.com — Cisco Umbrella Rank: 201437
769 B
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
92 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 803
408 B
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 36728
2 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
125 KB
2 blueconic.net
medianewsgroup.blueconic.net — Cisco Umbrella Rank: 82139
2 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2897
pixel.wp.com — Cisco Umbrella Rank: 2717
3 KB
2 osano.com
cmp.osano.com — Cisco Umbrella Rank: 6416
77 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 304
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
98 KB
2 zeustechnology.com
mng-thenewsherald.zeustechnology.com — Cisco Umbrella Rank: 969769
115 KB
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 24219
814 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1638
605 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
191 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1641
37 KB
1 digitalfirstmedia.com
marketplace.digitalfirstmedia.com — Cisco Umbrella Rank: 322467
129 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1392
574 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2191
22 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3120
149 KB
1 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2773
21 KB
1 windows.net
prodmg2.blob.core.windows.net — Cisco Umbrella Rank: 55340
144 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 8405
38 KB
1 ypsilanticourier.com
ypsilanticourier.com
169 B
116 31
Domain Requested by
25 www.thenewsherald.com 1 redirects www.thenewsherald.com
cmp.osano.com
12 cdn.czx5eyk0exbhwp43ya.biz cmp.osano.com
9 marketplace.medianewsgroup.com www.thenewsherald.com
marketplace.medianewsgroup.com
7 z618.thenewsherald.com www.thenewsherald.com
z618.thenewsherald.com
cmp.osano.com
az416426.vo.msecnd.net
4 prod-dfm-proxy-connext.azurewebsites.net cdn.czx5eyk0exbhwp43ya.biz
3 www.google-analytics.com cmp.osano.com
3 www.googletagmanager.com cmp.osano.com
3 session.denverpost.com www.thenewsherald.com
3 c.amazon-adsystem.com www.thenewsherald.com
c.amazon-adsystem.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 paywall-ad-bucket.s3.amazonaws.com www.thenewsherald.com
cdn.czx5eyk0exbhwp43ya.biz
2 cdn.confiant-integrations.net cmp.osano.com
2 k.p-n.io cdn.p-n.io
2 medianewsgroup.blueconic.net z618.thenewsherald.com
cmp.osano.com
2 cmp.osano.com www.thenewsherald.com
cmp.osano.com
2 cdn.p-n.io www.thenewsherald.com
cmp.osano.com
2 cdn.jsdelivr.net www.thenewsherald.com
cdn.jsdelivr.net
2 mng-thenewsherald.zeustechnology.com www.thenewsherald.com
1 api-mg2.db-ip.com cdn.czx5eyk0exbhwp43ya.biz
1 g2insights-cdn.azureedge.net cmp.osano.com
1 fp-cdn.azureedge.net cmp.osano.com
1 loader-cdn.azureedge.net ajax.googleapis.com
1 geo.privacymanager.io ats.rlcdn.com
1 sb.scorecardresearch.com www.thenewsherald.com
1 ats.rlcdn.com cmp.osano.com
1 pixel.wp.com www.thenewsherald.com
1 marketplace.digitalfirstmedia.com 1 redirects
1 polyfill.io ajax.googleapis.com
1 az416426.vo.msecnd.net www.thenewsherald.com
1 stats.wp.com www.thenewsherald.com
1 s.ntv.io www.thenewsherald.com
1 cdn.parsely.com www.thenewsherald.com
1 prodmg2.blob.core.windows.net www.thenewsherald.com
1 cdn.auth0.com www.thenewsherald.com
1 ajax.googleapis.com www.thenewsherald.com
1 fonts.googleapis.com www.thenewsherald.com
1 ypsilanticourier.com 1 redirects
116 37
Subject Issuer Validity Valid
thenewsherald.com
R3
2022-10-31 -
2023-01-29
3 months crt.sh
*.zeustechnology.com
Amazon
2022-04-15 -
2023-05-14
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-21 -
2023-04-22
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.auth0.com
Amazon
2022-03-26 -
2023-04-24
a year crt.sh
pushlycdn.com
Amazon
2022-02-14 -
2023-03-15
a year crt.sh
m349.eptrail.com
Amazon
2022-06-16 -
2023-07-15
a year crt.sh
cmp.osano.com
Amazon
2022-09-02 -
2023-09-30
a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2022-09-18 -
2023-09-18
a year crt.sh
*.parsely.com
Amazon
2022-06-05 -
2023-07-04
a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1
2022-10-24 -
2023-10-26
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2022-07-11 -
2023-07-11
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-10 -
2024-01-11
a year crt.sh
*.denverpost.com
Amazon
2022-04-29 -
2023-05-28
a year crt.sh
*.blueconic.net
Amazon
2022-07-08 -
2023-08-06
a year crt.sh
*.p-n.io
Amazon
2022-01-10 -
2023-02-06
a year crt.sh
*.medianewsgroup.com
Go Daddy Secure Certificate Authority - G2
2021-12-23 -
2023-01-24
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.confiant-integrations.net
E1
2022-11-24 -
2023-02-22
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-31 -
2023-03-03
a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01
2022-03-14 -
2023-03-09
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 01
2022-11-21 -
2023-11-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-17 -
2023-05-17
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.thenewsherald.com/
Frame ID: 572C1E59D93672612669D1B1E4839102
Requests: 104 HTTP requests in this frame

Frame: https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
Frame ID: 1450F6A4CC72746CE6277DA33DBF7AF9
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: E2D7B5B39E47803DDA11773379AF2859
Requests: 1 HTTP requests in this frame

Frame: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Frame ID: FD016D7A1335E5605D0B8D19114A20C7
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

The News Herald – Southgate, MI News, Sports, Weather & Things to Do

Page URL History Show full URLs

  1. http://ypsilanticourier.com/ HTTP 302
    http://www.thenewsherald.com/ HTTP 301
    https://www.thenewsherald.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

116
Requests

89 %
HTTPS

31 %
IPv6

31
Domains

37
Subdomains

32
IPs

4
Countries

2425 kB
Transfer

8592 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ypsilanticourier.com/ HTTP 302
    http://www.thenewsherald.com/ HTTP 301
    https://www.thenewsherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://marketplace.digitalfirstmedia.com/promos/wordpress.asp?nid=20 HTTP 301
  • https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20

116 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.thenewsherald.com/
Redirect Chain
  • http://ypsilanticourier.com/
  • http://www.thenewsherald.com/
  • https://www.thenewsherald.com/
215 KB
43 KB
Document
General
Full URL
https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9a35a756a21d6678eb904be1c167a88c6bc2b2011a2824c6ed0a89e19ac7a379
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
819
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
43332
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 04:15:35 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.thenewsherald.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/d2U47>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
hit
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
ams6 0 2 9980

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 16 Dec 2022 04:15:35 GMT
Location
https://www.thenewsherald.com/
Server
nginx
modernearthy.css
www.thenewsherald.com/wp-content/themes/assets/static/css/
376 KB
58 KB
Stylesheet
General
Full URL
https://www.thenewsherald.com/wp-content/themes/assets/static/css/modernearthy.css?ver=1671133329
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7874dfff4d554bccd31d1ea3b60d323b9f0357da32403a98f10545c23c417e10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 19:42:02 GMT
server
nginx
age
28987
etag
W/"639b788a-5e0f2"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58733
expires
Sat, 16 Dec 2023 04:15:35 GMT
main.js
mng-thenewsherald.zeustechnology.com/
0
57 KB
Other
General
Full URL
https://mng-thenewsherald.zeustechnology.com/main.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-43.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
saEeHLgfWNbarKRJx7LgZG8X3fKTv204
content-encoding
br
via
1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 04:00:25 GMT
last-modified
Tue, 29 Nov 2022 20:22:56 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
1221
etag
W/"16d4c059544047e0f4389d4ab211bb20"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,s-maxage=3600
x-amz-cf-id
8rHxip7b-vWGUmG868_NNDizYyb1Dgo2vRC6LodpMn62j-R26o52qw==
apstag.js
c.amazon-adsystem.com/aax2/
0
45 KB
Other
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 03:29:35 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
2761
x-amz-server-side-encryption
AES256
etag
W/"9678e76b6e6295571547f8fe5df68b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cwO3JYtN9b7LpcviHdsiBB6miuRKicFSQqAqRK-U7L5DYWFiujlsmw==
wp-emoji-release.min.js
www.thenewsherald.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 19:44:36 GMT
server
nginx
age
2590996
etag
W/"6373ec24-48b9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5004
expires
Sat, 16 Dec 2023 04:15:35 GMT
style.css
www.thenewsherald.com/wp-content/client-mu-plugins/src/Sitemap/includes/
880 B
404 B
Stylesheet
General
Full URL
https://www.thenewsherald.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1670354581g
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 19:23:01 GMT
server
nginx
age
111814
etag
W/"638f9695-370"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
325
expires
Sat, 16 Dec 2023 04:15:35 GMT
/
www.thenewsherald.com/_static/
11 KB
4 KB
Stylesheet
General
Full URL
https://www.thenewsherald.com/_static/??/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css,/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1671133322
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec238b506e5e6491a0015153e52ed5e71b67d94d5696b1d2c8888e5cb583d6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 19:42:02 GMT
server
nginx
age
28988
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3631
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/
56 KB
9 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Dec 2022 04:15:35 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
881138
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9099
x-served-by
cache-fra-eddf8230100-FRA, cache-hhn-etou8220060-HHN
x-jsd-version-type
version
etag
W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.1.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5160a5031b52a3a7bc884baef7e68015f3ed254ab5df11e55278a2ee4ab4ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thenewsherald.com/
Origin
https://www.thenewsherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 04:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 04:15:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Dec 2022 04:15:35 GMT
/
www.thenewsherald.com/_static/
86 KB
17 KB
Stylesheet
General
Full URL
https://www.thenewsherald.com/_static/??-eJyNjEsKgDAMBS9kG4NQcSGeRdogaj+BpBRvry7cu3sMMw8aG1+yUlZI1XCs254FDlJe/WkQrYNUQo0k0PawkQpoYcNFniV6RbJepIMfP4/3gbdZ0oxuxH6YEPEGZpowJQ==
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d8d07e67dafce9ce1ae6cb877286ab88be47bf2385bd91518c0f449093aced9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 17:31:51 GMT
server
nginx
age
7200
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16908
apstag.js
c.amazon-adsystem.com/aax2/
178 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js?ver=8.1.0
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 03:29:35 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
2761
x-amz-server-side-encryption
AES256
etag
W/"9678e76b6e6295571547f8fe5df68b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
JNAL0IRzMZyx_0fKXtBLpPjR1VKL2-DKiDBkVjzh5Gq4nX_UJMebmg==
zeus-adapter.js
www.thenewsherald.com/wp-content/plugins/dfm_zeus/assets/dist/
19 KB
6 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1670354582g
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ff0b3b0d7adc47e7b9bafbf0dd71f8b0029511df30b9f797b9866a5545db5828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 19:23:02 GMT
server
nginx
age
111814
etag
W/"638f9696-4b55"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6023
expires
Sat, 16 Dec 2023 04:15:35 GMT
main.js
mng-thenewsherald.zeustechnology.com/
332 KB
58 KB
Script
General
Full URL
https://mng-thenewsherald.zeustechnology.com/main.js?ver=6.1.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-43.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ecd220f85bd6f9e412a22cb9a8c315dc1e502de4914571245773def0fad1a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
saEeHLgfWNbarKRJx7LgZG8X3fKTv204
content-encoding
br
via
1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 04:00:26 GMT
last-modified
Tue, 29 Nov 2022 20:22:56 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
2990
etag
W/"16d4c059544047e0f4389d4ab211bb20"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,s-maxage=3600
x-amz-cf-id
yZUhBCLf9zeTgRyZqZXquNFi6FOyaugaIzeAB3nXRnck4sp_F2LT_A==
/
www.thenewsherald.com/_static/
7 KB
2 KB
Script
General
Full URL
https://www.thenewsherald.com/_static/??/wp-content/plugins/dfm_zeus/assets/dist/dfm-zeus-bundle.js,/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1670354582j
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5a36cfb2ac68d3fe9f0c85e63ac833ff97220f3ce561afa3fbcba3e7aac3502c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 19:23:02 GMT
server
nginx
age
28988
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2027
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:03:42 GMT
loader.min.js
www.thenewsherald.com/wp-content/plugins/loader-wp/static/
16 KB
5 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:48 GMT
server
nginx
age
2589522
etag
W/"637415ac-3e4a"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5454
expires
Sat, 16 Dec 2023 04:15:35 GMT
auth0-spa-js.production.js
cdn.auth0.com/js/auth0-spa-js/1.13/
105 KB
38 KB
Script
General
Full URL
https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.1.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 03:26:09 GMT
last-modified
Thu, 07 Jan 2021 14:32:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
2967
etag
W/"8bea9e0d733d097381a1b5eb8c40983d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800,public
x-amz-replication-status
FAILED
x-amz-cf-id
Qj3nvZoyKEKGdCd2DQEZf5iUPOGOCtvUS2LjyfT2OvwFXQyivE6kZA==
/
www.thenewsherald.com/_static/
206 KB
60 KB
Script
General
Full URL
https://www.thenewsherald.com/_static/??-eJylzMEKgCAQBNAfKhcT6hRd+w1LkQ3dol2pz89O0bVOA8PMg2Or55XEk8AWc0BiSBRqhwE5TwwsVnB+dSpZJDVlctGrhSv4YpQD+VP+MmWMEn0qyX+tjKO9gf2BhtTrttPaGNM0ywW/J3EN
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e6656cc2857f2f0040dbab0813520e2df404524aae7aac3bde96941da0af909f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 19:42:02 GMT
server
nginx
age
29077
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
60924
pushly-sdk.min.js
cdn.p-n.io/
220 KB
50 KB
Script
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Mr4wSkZIapeF8TmatKcHWDmGX9a5dwW92QON&ver=6.1.1
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-124.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c1ff552cb56a441d7c77c6a8fe5b5af11e5974d1096dcf597e0668734963818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
content-encoding
gzip
via
1.1 315b8dfb52e5c49bd834510b0301e938.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 04:15:22 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
101
etag
W/"0a9c4111e101ed73ed2680b36a9e7e10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
i9zby_IsbvqfGwMw5fXb3UrJcEGkD6mF-Jt58PnHfG1bOJzuZ4TYSA==
dfm-pushly.min.js
www.thenewsherald.com/wp-content/plugins/dfm-pushly/static/js/
160 B
206 B
Script
General
Full URL
https://www.thenewsherald.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1670354582g
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
last-modified
Tue, 06 Dec 2022 19:23:02 GMT
server
nginx
age
111814
etag
"638f9696-a0"
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
160
expires
Sat, 16 Dec 2023 04:15:35 GMT
script.js
z618.thenewsherald.com/
154 KB
45 KB
Script
General
Full URL
https://z618.thenewsherald.com/script.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
4255e4ace6e08b544432f062fee688b53ab38b9f13a3808acafbf78076c68895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
443
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45917
x-xss-protection
1; mode=block
last-modified
Fri, 16 Dec 2022 04:03:10 GMT
server
-
etag
bb4a8bc47e995d4713e04867e58e29f0
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
VauxdgppduHF7CNp1d6gIpu8z9YKPVFRAUK6NfJ-NH_a83GKfTj2vg==
expires
Fri, 16 Dec 2022 04:18:12 GMT
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/
342 KB
76 KB
Script
General
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb268e75d6e38043ca66b3a88032b14b793529b473a4cf66934e4f63c049f673
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 12:09:50 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
57945
x-cache
Hit from cloudfront
content-length
77242
x-xss-protection
mode=block
last-modified
Wed, 23 Nov 2022 18:12:17 GMT
server
CloudFront
etag
"91b7b05b8dc01b347da928325cfea9f0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
YJRtZXt7lZU0jYBy0LZk-Wz5H2aJ5V50tz4bBNWZSUaiPH5K3DN9Zg==
mg2nw.min.js
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/
143 KB
144 KB
Script
General
Full URL
https://prodmg2.blob.core.windows.net/newsletterwidget/mngcep/mg2nw.min.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eabc0f4a5b76ceb76d11713e56e77dc230f3672c9df4c43a79089fa69b056033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 16 Dec 2022 04:15:34 GMT
Last-Modified
Tue, 30 Aug 2022 11:57:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qpxGb9QXImzRxhdRLqrrAA==
ETag
0x8DA8A7ED8105951
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
3676196b-c01e-002e-3e05-11a5a9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
146402
News-HeraldMI-logo.png
www.thenewsherald.com/wp-content/uploads/2021/06/
3 KB
3 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2021/06/News-HeraldMI-logo.png
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6eadcc67d37b2ff780352cc10e7a9626fb5c8525bdccbb89474d30a8b7f9714b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 109 86 443
last-modified
Sun, 18 Sep 2022 06:16:25 GMT
server
nginx
etag
"7c18fdf944e2c18e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3172
expires
Mon, 18 Sep 2023 06:16:25 GMT
/
www.thenewsherald.com/_static/
49 KB
18 KB
Script
General
Full URL
https://www.thenewsherald.com/_static/??-eJyVj81ywjAMhF+ojqAQyoXpo3RMLEBBljyWXSZ5epIZOPBzaI9a7SftwiW5TqWgFEhcjyQG4RB/RqwG3gzLNJOVWXSz6KIGayJJ09sHvKHTSYvKgZjhFyVohkRdqRln6X8g+3EwGvHhH0nHNaBBf0t2M2c8omD2RbPLVQpF/As2rZLy8BzuxX5SPb/tHau7N5hv+WzIg1s1LewrcQBWHzBP1HfcLTdfi1W7bref/RVSzozY
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c3d38da8d4ed9f190fd614659d3286311908402049ac179d00f39985023c3fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 19:23:02 GMT
server
nginx
age
28988
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18720
p.js
cdn.parsely.com/keys/thenewsherald.com/
56 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/thenewsherald.com/p.js?ver=3.5.2
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-61.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
ecadb8880761df101d0b5f5d780e2bd78ec55c175b264d20ada6b1e4f8c892b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 15 Dec 2022 08:56:29 GMT
content-encoding
gzip
via
1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 15:22:33 GMT
server
nginx
x-amz-cf-pop
VIE50-C2
age
69546
etag
W/"61b21f39-df46"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
RwBHD5DGJ2PsM8PUW9v4cGLpaX1iGrxKKcYTcOrEv0h_mVd3hpi27w==
expires
Fri, 16 Dec 2022 08:56:29 GMT
ads.js
www.thenewsherald.com/wp-content/themes/wp-mason/static/js/
87 B
139 B
Script
General
Full URL
https://www.thenewsherald.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
last-modified
Tue, 15 Nov 2022 22:41:48 GMT
server
nginx
age
2590994
etag
"637415ac-57"
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87
expires
Sat, 16 Dec 2023 04:15:35 GMT
/
www.thenewsherald.com/_static/
107 KB
28 KB
Script
General
Full URL
https://www.thenewsherald.com/_static/??-eJyVy0EKhDAMAMAPaUNFLB7Et5QaaWuTiMki/n4v+4B17gP32SdhQzawjIQKURVNQS1aSVAVkhAJu5Q/fDgq7Kp28Mc7pT17aU3fJJINL8Z4WX5+b6XFT8H7YZrHUL+YhkHk
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a530a45de7cff1208cd59b6074773035f9ebfec4e03e7501f12dcf0b7357af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 17:55:47 GMT
server
nginx
age
29074
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29079
load.js
s.ntv.io/serve/
537 KB
149 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9314bdf069833133cb5e8b7b704636871b73ce0b6a81173b01d48b65c83135f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:15:35 GMT
Content-Encoding
gzip
x-amz-request-id
XT5NYVSVAW9SHAQR
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
95LzWpg0llS+0ODRbjxnZ0QbUptYAGc9ZiIsKF2lQkIlUXY7hwC5rDl4sJH+voxVbspQjCVwvaM=
Last-Modified
Thu, 15 Dec 2022 22:31:07 GMT
Server
AmazonS3
ETag
"31ed3cede974dadaf29e30cd61560c94"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
www.thenewsherald.com/_static/
3 KB
857 B
Script
General
Full URL
https://www.thenewsherald.com/_static/??-eJyNy0EOgkAMBdALWYrCqBvjWUYyGTuhLaHfeH1YcAC2L3n8X2hyQzEwvkVL8C6aw40DGTJxC569khh9foBbp2JdiwufrU6ilTKwHvWtr+v90Q9pTM9b2wCZxy8h
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
488781e479ac0f453f3393ab549befd06f15055fe25b91488e2cc7444ab82884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:35 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 19:23:02 GMT
server
nginx
age
25593
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
817
e-202250.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202250.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT ams
date
Fri, 16 Dec 2022 04:15:35 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 03 Dec 2023 23:03:02 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=8.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 08:56:30 GMT
x-amz-cf-pop
FRA56-P5
age
69546
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7aeX2XwVJ8H0JspVd0QFy3QoI31t9VphHY9s5KxueZjePzy9Xu0kEA==
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:35 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1492
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e3e1df84-901e-000f-0e01-111194000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 16 Dec 2022 04:45:35 GMT
polyfill.min.js
polyfill.io/v3/
101 B
574 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 04:15:36 GMT
age
3878117
detected-user-agent
Chrome/108.0.5351
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 31 Oct 2022 10:42:14 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
normalized-user-agent
chrome/108.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
session
session.denverpost.com/api/
93 B
257 B
XHR
General
Full URL
https://session.denverpost.com/api/session
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJylzMEKgCAQBNAfKhcT6hRd+w1LkQ3dol2pz89O0bVOA8PMg2Or55XEk8AWc0BiSBRqhwE5TwwsVnB+dSpZJDVlctGrhSv4YpQD+VP+MmWMEn0qyX+tjKO9gf2BhtTrttPaGNM0ywW/J3EN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.101.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-101-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.thenewsherald.com
date
Fri, 16 Dec 2022 04:15:35 GMT
access-control-allow-credentials
true
content-length
93
vary
Origin
content-type
application/json; charset=utf-8
cs
medianewsgroup.blueconic.net/DG/DEFAULT/
16 B
699 B
Script
General
Full URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json572
Requested by
Host: z618.thenewsherald.com
URL: https://z618.thenewsherald.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.174.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-174-180.compute-1.amazonaws.com
Software
- /
Resource Hash
5c3e70806ebe1b75d28f62caa8fbd4ee93141ac9447780965ec8487ce2c11c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
98c63151-0d4c-49bf-bb7a-6bd69f10c72e
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/98c63151-0d4c-49bf-bb7a-6bd69f10c72e
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pushly-sdk.min.css
cdn.p-n.io/
27 KB
2 KB
Stylesheet
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=Mr4wSkZIapeF8TmatKcHWDmGX9a5dwW92QON
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-124.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:56:32 GMT
content-encoding
gzip
via
1.1 315b8dfb52e5c49bd834510b0301e938.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 20:36:44 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
69544
etag
W/"5324d6c6926b312f68532f29a3bb2aec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
vCQvqIBaT9uMSYm7-NhyzlpjH1uCZXGIQr2MdN4jbfjtbK64dV6ZpQ==
event-stream
k.p-n.io/
0
126 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Mr4wSkZIapeF8TmatKcHWDmGX9a5dwW92QON&ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.169.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-169-33.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:15:35 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/
0
125 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Mr4wSkZIapeF8TmatKcHWDmGX9a5dwW92QON&ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.169.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-169-33.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:15:35 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
session
session.denverpost.com/api/
93 B
256 B
XHR
General
Full URL
https://session.denverpost.com/api/session
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJylzMEKgCAQBNAfKhcT6hRd+w1LkQ3dol2pz89O0bVOA8PMg2Or55XEk8AWc0BiSBRqhwE5TwwsVnB+dSpZJDVlctGrhSv4YpQD+VP+MmWMEn0qyX+tjKO9gf2BhtTrttPaGNM0ywW/J3EN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.101.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-101-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.thenewsherald.com
date
Fri, 16 Dec 2022 04:15:35 GMT
access-control-allow-credentials
true
content-length
93
vary
Origin
content-type
application/json; charset=utf-8
truncated
/
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin
https://www.thenewsherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/truetype
9fee0c16-28e7-40d4-aac2-ce7544034cbb
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/9fee0c16-28e7-40d4-aac2-ce7544034cbb
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/
88 KB
89 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin
https://www.thenewsherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Dec 2022 04:15:35 GMT
x-content-type-options
nosniff
age
3894464
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
90528
x-served-by
cache-fra-eddf8230052-FRA, cache-hhn-etou8220037-HHN
x-jsd-version-type
version
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
wordpress.asp
marketplace.medianewsgroup.com/promos/ Frame 1450
Redirect Chain
  • https://marketplace.digitalfirstmedia.com/promos/wordpress.asp?nid=20
  • https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
2 KB
2 KB
Document
General
Full URL
https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
128041511b92b8a734cab92b44b41d32c293e29111b65d4a3885951f062bdae4

Request headers

Referer
https://www.thenewsherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
1723
content-type
text/html
date
Fri, 16 Dec 2022 04:15:36 GMT
server
Microsoft-IIS/10.0

Redirect headers

content-length
189
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 04:15:35 GMT
location
https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
server
Microsoft-IIS/10.0
common.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/
42 KB
10 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 19:19:01 GMT
server
nginx
age
2533963
etag
W/"637537a5-a619"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10458
expires
Sat, 16 Dec 2023 04:15:36 GMT
common-async.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/
64 KB
9 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 15:53:26 GMT
server
nginx
age
2029651
etag
W/"637cf076-10029"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9089
expires
Sat, 16 Dec 2023 04:15:36 GMT
modernearthy-async.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/
5 KB
2 KB
Script
General
Full URL
https://www.thenewsherald.com/wp-content/themes/assets/static/js/modernearthy-async.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
65e8f8eda5862aa99f8118206aaec31225558fbfbfe0f0f817d3b71335c25095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 0 2 9980
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 22:04:56 GMT
server
nginx
age
2526049
etag
W/"6372bb88-15e9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1604
expires
Sat, 16 Dec 2023 04:15:36 GMT
session
session.denverpost.com/api/
93 B
256 B
XHR
General
Full URL
https://session.denverpost.com/api/session
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/_static/??-eJylzMEKgCAQBNAfKhcT6hRd+w1LkQ3dol2pz89O0bVOA8PMg2Or55XEk8AWc0BiSBRqhwE5TwwsVnB+dSpZJDVlctGrhSv4YpQD+VP+MmWMEn0qyX+tjKO9gf2BhtTrttPaGNM0ywW/J3EN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.101.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-101-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.thenewsherald.com
date
Fri, 16 Dec 2022 04:15:36 GMT
access-control-allow-credentials
true
content-length
93
vary
Origin
content-type
application/json; charset=utf-8
/
cmp.osano.com/ Frame E2D7
4 KB
1 KB
Document
General
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thenewsherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55306
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 12:53:51 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id
WpxFBZCwXXtSb7Ul0Du0LXJzvSDe36scpLPxmYUZfJ4I1_Y_70xbbg==
x-amz-cf-pop
FRA56-P2
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=192784543&post=0&tz=-5&srv=www.thenewsherald.com&hp=vip&j=1%3A11.6&host=www.thenewsherald.com&ref=&fcp=1149&rand=0.5221522132941516
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:15:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
gtm.js
www.googletagmanager.com/
405 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b1c3e96a2c3257b9a6926221b2104bbb40393742c76ab7704201a035933d4fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100222
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:15:36 GMT
548feb93-746c-4fbd-b2b5-bd9e1a0f3a58
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/548feb93-746c-4fbd-b2b5-bd9e1a0f3a58
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
3e8c2039-0b68-4b17-bb47-dd26f907b750
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/3e8c2039-0b68-4b17-bb47-dd26f907b750
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
0fcf5bca-5088-424b-ac85-c7e7c983e5f6
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/0fcf5bca-5088-424b-ac85-c7e7c983e5f6
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ec4fe4412f3aa3ad89a3158b76e20de5.jpg
www.thenewsherald.com/wp-content/uploads/2017/01/
14 KB
15 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2017/01/ec4fe4412f3aa3ad89a3158b76e20de5.jpg?w=535
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5b9465be2c23d220675688b5221020b76bd90832a90b2b52e102538bd319c84d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 109 195 443
last-modified
Fri, 16 Dec 2022 02:15:36 GMT
server
nginx
etag
"28d66fbf41af2ed2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14846
expires
Sat, 16 Dec 2023 02:15:36 GMT
Marijuana-rolling-joint.jpg
www.thenewsherald.com/wp-content/uploads/2022/12/
9 KB
9 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2022/12/Marijuana-rolling-joint.jpg?w=346
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c10e758f98444663560db89f53cd5d43478341c276c5c04d553557c71554ae3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 109 140 443
last-modified
Fri, 16 Dec 2022 04:01:24 GMT
server
nginx
etag
"a953121a72f74513"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9418
expires
Sat, 16 Dec 2023 04:01:24 GMT
Michel-Steven-Johnston.jpg
www.thenewsherald.com/wp-content/uploads/2022/12/
3 KB
3 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2022/12/Michel-Steven-Johnston.jpg?w=172
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b7b9f316cf3335e3266a5524dbbae7b02a5eb93763f3a05b48745e585db830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 109 28 443
last-modified
Fri, 16 Dec 2022 04:01:24 GMT
server
nginx
etag
"9821e0367198d61c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3006
expires
Sat, 16 Dec 2023 04:01:24 GMT
Southgate-police-patch.jpg
www.thenewsherald.com/wp-content/uploads/2022/02/
16 KB
17 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2022/02/Southgate-police-patch.jpg?w=183
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e9fe22c02e9b1ba570f2d0bfd0ae2bbaf2a3bedb7a1bfbc2e4574ba7636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 109 195 443
last-modified
Fri, 16 Dec 2022 04:01:24 GMT
server
nginx
etag
"be2e853add0fc851"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16842
expires
Sat, 16 Dec 2023 04:01:24 GMT
Southgate-PD-badge.jpg
www.thenewsherald.com/wp-content/uploads/2021/12/
12 KB
12 KB
Image
General
Full URL
https://www.thenewsherald.com/wp-content/uploads/2021/12/Southgate-PD-badge.jpg?w=172
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.168 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
08dd3641390cdd9ca6d312a534a6eea7011134516cb58741c08d4e10abee2eeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
x-rq
ams6 109 84 443
last-modified
Fri, 16 Dec 2022 04:01:24 GMT
server
nginx
etag
"0a691797c243fbc6"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12588
expires
Sat, 16 Dec 2023 04:01:24 GMT
config.js
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/
288 KB
59 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a4fd6af3eba732125dddff863c391ef066074b4f9f567dfd42368eafc14991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 03:08:27 GMT
server
cloudflare
x-amz-request-id
Z8ZQ99P6YZZN7C5R
age
506
etag
W/"bd3a448229622a922aaad29aefe1215c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77a4994b8d595c5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
oBD+w1qI//d7Ort3U7JcvJFwoy+ipJ74IDNFVY/3Zhpe/qZS2yZWBn5j/kTbY/Uf5qFlDprN2x0=
ats.js
ats.rlcdn.com/
109 KB
37 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 10:04:28 GMT
x-amz-cf-pop
FRA2-C1
age
65469
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
W3IyemnVHT6j3T_RbTQPyerXHlald7SgVogC_t4iZLxgzcig2ZFe9A==
b
sb.scorecardresearch.com/
0
191 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1671164136197&ns_c=UTF-8&c8=The%20News%20Herald%20%E2%80%93%20Southgate%2C%20MI%20News%2C%20Sports%2C%20Weather%20%26%20Things%20to%20Do&c7=https%3A%2F%2Fwww.thenewsherald.com%2F&c9=
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
cOuNAKupr-VgrZLeMPXwLpHs7ZMwpgf4MdibLAgPhV9Hs5beExtxJQ==
x-cache
Miss from cloudfront
056a4909-d5b0-4d10-94c6-8b8433ebc0d5
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/056a4909-d5b0-4d10-94c6-8b8433ebc0d5
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
f98e4358-6aa7-451d-a428-9bf7ac4dfb56
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/f98e4358-6aa7-451d-a428-9bf7ac4dfb56
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
7cd32b6a-81c4-4368-8493-6b30fe99dd28
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/7cd32b6a-81c4-4368-8493-6b30fe99dd28
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/
81 KB
13 KB
XHR
General
Full URL
https://z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571?referer=https%3A%2F%2Fwww.thenewsherald.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-16T04%3A15%3A36%2B00%3A00&ts=1671164136237
Requested by
Host: z618.thenewsherald.com
URL: https://z618.thenewsherald.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
23bc05e5003e6a633d4d79ed20821daaae6c06ceabd6ec63c44235a1a258dc15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
12124
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewsherald.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
INRYz5jaP3aBvIv3Zx0fMVAHCetb8g_oXxOtYzlWvngplzc54jTT7Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 03:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3059
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 05:24:37 GMT
js
www.googletagmanager.com/gtag/
216 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JNP6TRHKRV&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5e157ad4cf5fee02152660a367a5fdfcbcee5162c75d9493f9f1958d3489dea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76889
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 04:15:36 GMT
/
geo.privacymanager.io/
30 B
605 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-84.vie50.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:53:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront), 1.1 315b8dfb52e5c49bd834510b0301e938.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1, VIE50-C1
age
12152
x-amzn-requestid
05c36cc0-0054-4300-86e3-9646a4d522a1
x-amzn-trace-id
Root=1-639bc170-21e87bdd0ebfe0c902b4b6c8;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
dNspiGsSDoEFmPQ=
content-length
30
x-amz-cf-id
bHVVbZ-4obDWWIpWpD6IhwXN9wQH4MOffcLUR6NFwm7gNryQOEZ1Vw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ec41ae94-2125-419d-9e21-c5e77c0b22ed
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/ec41ae94-2125-419d-9e21-c5e77c0b22ed
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 16 Dec 2022 05:03:30 GMT
9b82f438-b16c-4ad5-b84f-d5c4dbb3a6f0
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/9b82f438-b16c-4ad5-b84f-d5c4dbb3a6f0
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/
210 KB
66 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 16:50:50 GMT
server
cloudflare
x-amz-request-id
D6D5311DEGG6PTDQ
age
292950
etag
W/"a295e934190c6de7fe47fed7fbac382f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77a4994c4da790e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MqLOKodOSCpSGljthfaryKKA0qVPHqUC4o2wBfY1yB+zzCW5TlXYo2dA3uyh5yoz+DfUPuUMDi0=
loader-config.json
loader-cdn.azureedge.net/prod/dfm/
974 B
824 B
XHR
General
Full URL
https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1671164135268
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488A) /
Resource Hash
94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23

Request headers

Accept
*/*
Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
6SckRSyS5jju5Q3JMkb+xg==
age
9111
x-cache
HIT
content-length
457
x-ms-lease-status
unlocked
last-modified
Thu, 06 Oct 2022 14:31:34 GMT
server
ECAcc (ama/488A)
etag
0x8DAA7A77829F56B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e55c817c-f01e-0068-7bef-10912e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
fp.min.js
fp-cdn.azureedge.net/prod/dfm/
59 KB
20 KB
Script
General
Full URL
https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DC) /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
age
7121
x-cache
HIT
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 08:54:59 GMT
server
ECAcc (ama/48DC)
etag
0x8D8A7E997F32F60
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
37896d91-801e-0096-59f4-10fe6f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/dfm/
1 MB
217 KB
Script
General
Full URL
https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
MEV0XK+iSrlNTVyliS0EpQ==
age
7129
x-cache
HIT
content-length
221901
x-ms-lease-status
unlocked
last-modified
Tue, 29 Dec 2020 13:55:30 GMT
server
ECAcc (ama/48AF)
etag
0x8D8AC0167971F78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8fbe392e-401e-00a6-4af4-1040a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
559 KB
118 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CD) /
Resource Hash
2495332eea9cbc5525f49204dcdc08c8e089169908861cd0edef778e6c822022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
X5ool3fb3fn9i5liRXvPMA==
age
47549
x-cache
HIT
content-length
119970
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 07:05:06 GMT
server
ECAcc (ama/48CD)
etag
0x8DA528B3481B2A4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55348906-f01e-0078-6996-105446000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
295 KB
28 KB
Stylesheet
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.css?
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F6) /
Resource Hash
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
qePO0yKWifmYWvQdlK/DtQ==
age
4340
x-cache
HIT
content-length
28321
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:48 GMT
server
ECAcc (ama/48F6)
etag
0x8D9056E3D33EB71
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0ac191bc-901e-006e-04fa-10a291000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
775c740f5d4e1b0cb33889dfcd568bc2
z618.thenewsherald.com/plugin/plugin/
219 KB
53 KB
Script
General
Full URL
https://z618.thenewsherald.com/plugin/plugin/775c740f5d4e1b0cb33889dfcd568bc2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
8c6068881ef4ac0f7c15faea225d3c16ff1d1deca7419ec248f6d572be95b070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
241307
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
54167
x-xss-protection
1; mode=block
last-modified
Mon, 12 Dec 2022 09:13:49 GMT
server
-
etag
775c740f5d4e1b0cb33889dfcd568bc2
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
6y5MF9bkFJ51iai6DbiJyyc7580aARoJCV9F6Ew9I_MhWZyLPBVJIg==
expires
Wed, 13 Dec 2023 09:13:49 GMT
PMPMIWEEKLIES
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame
0
0
Preflight
General
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/PMPMIWEEKLIES
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.thenewsherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 16 Dec 2022 04:15:36 GMT
X-Powered-By
ASP.NET
index.js
cdn.czx5eyk0exbhwp43ya.biz/
7 KB
2 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
9700
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (ama/489D)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
737c93cc-901e-0041-31ee-10af5a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
PMPMIWEEKLIES
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/
329 KB
88 KB
Fetch
General
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/PMPMIWEEKLIES
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
37e442de5e0689eb9c27a65a12c3a79295852f8dd9896aabca8f8f6c0708dd39

Request headers

source-system
Plugin
site-code
DFM
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
NORCAL,TNH
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NzExNzg1Mzd9.UnCKEsTejZSmnPsXKtJG-ckyttLsMfb8W-xY87tfZ4k
ssid
1630c5c5731a8da946521f6813dfcb1a
environment
prod
config-code
PMPMIWEEKLIES
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
attr
TNH
location
undefined
Referer
https://www.thenewsherald.com/
version
Version: 2.5.4.3_swg

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 16 Dec 2022 04:15:36 GMT
Content-Encoding
gzip
X-Server-Time
12/16/2022 4:15:37 AM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
89154
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:15:37 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
AF3VWWC1EF5T4FQX
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
gSqnkq39ETPILxnwjyOpvK46xUmt+ALXfMatXjw/Tj/x00U/1cTFOUPLPR46wW20XWdbQnXBvbE=
x-amz-meta-s3b-last-modified
20191015T134358Z
daily.asp
marketplace.medianewsgroup.com/promos/ Frame FD01
3 KB
3 KB
Document
General
Full URL
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b52844983950dd1d1e44dedf001371ebb7c9eaf597fc78f97f5d5130d0f32a37

Request headers

Referer
https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
2744
content-type
text/html
date
Fri, 16 Dec 2022 04:15:36 GMT
server
Microsoft-IIS/10.0
36881e04-1419-4258-be5c-b5bfadec6b27
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/36881e04-1419-4258-be5c-b5bfadec6b27
Requested by
Host: www.thenewsherald.com
URL: https://www.thenewsherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
3481c93c3e240ef26896065569dec34a
z618.thenewsherald.com/plugin/library/
321 KB
99 KB
Script
General
Full URL
https://z618.thenewsherald.com/plugin/library/3481c93c3e240ef26896065569dec34a
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
0609d127885700576d3e495193f8be3c7ec31a98fa1bc5d6f65a2134e5ea4313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
2379880
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
101209
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 15:10:55 GMT
server
-
etag
3481c93c3e240ef26896065569dec34a
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
FT94gxFgCDYD6ENoEzDlRO3lHrAhfvOzFDF0HVGcu2KcA7K0yPdxoQ==
expires
Sat, 18 Nov 2023 15:10:55 GMT
LB-Zone-1
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571/
3 KB
2 KB
XHR
General
Full URL
https://z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571/LB-Zone-1?referer=https%3A%2F%2Fwww.thenewsherald.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-16T04%3A15%3A36%2B00%3A00&ts=1671164136806
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
5fa290ebcf3d666df28a8703d3c7a32edd36cc9fd333f243992a70e78f41abb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1025
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewsherald.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
vXkhwgyGDcbtCpHUBXbSEGaPAZt8W6FLw_XWfBnvb6L5_yeKUUwkWQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
gtm.js
www.googletagmanager.com/
211 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08760798aa15696fc2fc24e3854e8e274b1eaf1f8a694f3b96b6cbc870eba065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68068
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:15:36 GMT
BlackFriday120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
5 KB
5 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/BlackFriday120x90.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
34144fd1687c7cdce3d24386d5a71d93a0fd036f65264729cb36135613190162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Wed, 23 Nov 2022 16:30:15 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"bbf3f0dd58ffd81:0"
content-length
4650
content-type
image/jpeg
Goodfellows120x90-22-LP.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
6 KB
6 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/Goodfellows120x90-22-LP.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3d3cc925c3849b437f0e6f56de2828827793f511b73f71df8acba11e13b7292d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Wed, 23 Nov 2022 16:19:57 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"2118a26d57ffd81:0"
content-length
5863
content-type
image/jpeg
Subscription120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
7 KB
7 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/Subscription120x90.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
36210e1eb11abe17ed5860e914bf799ba0a1b5817695168e426aaa34a2ba089c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Thu, 16 Jun 2022 19:33:46 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"ff5b42ffb781d81:0"
content-length
7080
content-type
image/jpeg
ShoppingGuide120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
4 KB
5 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/ShoppingGuide120x90.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ae7d9a08088bc8432ed583f61cfcb44fffb79f1d0264d6b2301f1aa1d674fb10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Thu, 20 Jan 2022 14:19:29 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"3b548ebc8ed81:0"
content-length
4583
content-type
image/jpeg
Goodfellows120x90-22-Taylor.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
5 KB
5 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/Goodfellows120x90-22-Taylor.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
670ec56bdc4422a5d5af9bffc71aa280bc914fad787abba3f30f2e193ca230ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Wed, 23 Nov 2022 16:18:35 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"77d5e93c57ffd81:0"
content-length
5414
content-type
image/jpeg
Goodfellows120x90-22.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
6 KB
6 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/Goodfellows120x90-22.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
bb50e8ce8a0d31568a455ef2e6bebbaeca592773f7b09f77db54a677c36d903e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Wed, 23 Nov 2022 16:15:29 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"d9f9e4cd56ffd81:0"
content-length
5760
content-type
image/jpeg
prepzone_nh290x40.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01
5 KB
5 KB
Image
General
Full URL
https://marketplace.medianewsgroup.com/promos/library/prepzone_nh290x40.jpg
Requested by
Host: marketplace.medianewsgroup.com
URL: https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.239.25.228 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.25.239.35.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4b268b65809532b090676106ebea9089bbdf3d7395f952cdd53b98505f34baac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:36 GMT
last-modified
Tue, 08 Feb 2022 17:17:33 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"5c88dfc2f1dd81:0"
content-length
4897
content-type
image/jpeg
5a7318c0-d147-4a10-ae3b-b3621c61f595
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/5a7318c0-d147-4a10-ae3b-b3621c61f595
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/
571 B
1 KB
XHR
General
Full URL
https://z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571?referer=https%3A%2F%2Fwww.thenewsherald.com%2F&bcsessionid=d5c13101-d90f-4d6c-a16d-9906abb1d29d&bctempid=&overruleReferrer=&time=2022-12-16T04%3A15%3A37%2B00%3A00&ts=1671164137251
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
6d87bc76e474049a82395b73cd40d3eac8d3ebc79ce757c2691756b249d77de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
182
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewsherald.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
19CaK6KCu0tMPSwKj6OiooLi6ULwr-til50GImqW_plTq--X6yx4pg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/
191 B
1 KB
XHR
General
Full URL
https://z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571?referer=https%3A%2F%2Fwww.thenewsherald.com%2F&bcsessionid=d5c13101-d90f-4d6c-a16d-9906abb1d29d&bctempid=&overruleReferrer=&time=2022-12-16T04%3A15%3A37%2B00%3A00&ts=1671164137252
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
e41cf7b86544c2d38c9d36b699a7daabc04f35f161ab81b7164c421855aa5510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
169
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewsherald.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
C3GVucH-yPLDoU6M_6ODjG51ETdYk1tEm21EQKEityuaSAus8aYYPw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
medianewsgroup.blueconic.net/DG/DEFAULT/
66 B
855 B
Script
General
Full URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?bcsessionid=d5c13101-d90f-4d6c-a16d-9906abb1d29d&&callback=bc_json573
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.174.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-174-180.compute-1.amazonaws.com
Software
- /
Resource Hash
75e81442032a73e79568a557c0e4a538d383c31e0b9623ab6cfc3fc681759487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
dc.services.visualstudio.com/v2/
223 B
408 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewsherald.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
E4FB28AC-47A2-411D-8B7D-574CC9B1995B
strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 04:15:36 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
223
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.thenewsherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 16 Dec 2022 04:15:36 GMT
x-content-type-options
nosniff
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/
583 B
814 B
Fetch
General
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1671164137678
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdacbc505cd02e06417333b1b17615745e69af6656c65ddd91b105a1b38641f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 16 Dec 2022 04:15:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FRdNqQ%2BShX%2Fcc7x0NabIi%2BSl9VK%2Fl%2BQN4UCWyR08gwD6kOb8UktVi%2FG0BcHAfNLuNOGF2OQx6w3x1j7jkP%2BiYKJIBacqMoOTC3Be27%2FYTbI6Jy9j%2BLAos1F4j8JJ1ZWd8r5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
77a49954aca39b7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendors~Auth0UniversalLoginAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
143 KB
42 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489F) /
Resource Hash
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
o/3Cfwyx2Hdo/xXi+KtqIw==
age
4364
x-cache
HIT
content-length
43195
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:48 GMT
server
ECAcc (ama/489F)
etag
0x8D9056E3D50F079
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5828b63e-801e-0010-43fa-1032d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
Auth0UniversalLoginAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
11 KB
3 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
E5fyjsIr92YKgvTS5SE4ZA==
age
4364
x-cache
HIT
content-length
3400
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48DA)
etag
0x8D9056E339D05A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f47af37e-001e-0088-2afa-1012b7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
Auth0AuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
7 KB
2 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0AuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EB) /
Resource Hash
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
jBig/iW/Mpw+sfYWVt9mLw==
age
4364
x-cache
HIT
content-length
2320
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:31 GMT
server
ECAcc (ama/48EB)
etag
0x8D9056E3391B836
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
26b3452e-701e-0049-0cfa-10b555000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
CustomAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
6 KB
2 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/CustomAuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
WtHQ46VooZh5jhibUEIm/g==
age
4364
x-cache
HIT
content-length
2146
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48AF)
etag
0x8D9056E33BE9F96
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d68d1a30-001e-0053-66fa-10d48a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
JanrainAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
9 KB
3 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/JanrainAuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A9) /
Resource Hash
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
3loC7XOiphfHLLmAxSEZ5g==
age
4364
x-cache
HIT
content-length
2639
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48A9)
etag
0x8D9056E33C99EC8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e707eba4-b01e-009d-47fa-100504000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
MG2AuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
9 KB
3 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/MG2AuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AC) /
Resource Hash
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
53DSePPJylXjWw4MlYhYcA==
age
4364
x-cache
HIT
content-length
2456
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48AC)
etag
0x8D9056E33DFC44A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7e93e5bb-d01e-007f-33fa-103825000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
NewzwareAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
13 KB
4 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/NewzwareAuthSystem.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F1) /
Resource Hash
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-encoding
gzip
content-md5
XXTxgTgPuF9lg38Cul1d8Q==
age
4364
x-cache
HIT
content-length
4009
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48F1)
etag
0x8D9056E33EAC378
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fc67418f-501e-0085-59fa-10da63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
LikeButtons4.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/
114 B
241 B
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/LikeButtons4.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CA) /
Resource Hash
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:37 GMT
content-md5
0is0k5hNwCAMRJ10IGm41w==
age
4364
x-cache
HIT
content-length
114
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (ama/48CA)
etag
0x8D9056E33D49E04
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c63e8b8-d01e-000d-33fa-103f6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
accept-ranges
bytes
views
prod-dfm-proxy-connext.azurewebsites.net/api/
65 B
1 KB
Fetch
General
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d14aec5525cc27964fc482462f0a9b14&ConfigCode=PMPMIWEEKLIES&SiteCode=DFM&SettingsKey=NORCAL%2CTNH
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system
Plugin
site-code
DFM
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
NORCAL,TNH
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NzExNzg1Mzd9.UnCKEsTejZSmnPsXKtJG-ckyttLsMfb8W-xY87tfZ4k
ssid
1630c5c5731a8da946521f6813dfcb1a
environment
prod
config-code
PMPMIWEEKLIES
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
attr
TNH
location
System
Referer
https://www.thenewsherald.com/
version
Version: 2.5.4.3_swg

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 16 Dec 2022 04:15:37 GMT
Content-Encoding
gzip
X-Server-Time
12/16/2022 4:15:38 AM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
177
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame
0
0
Preflight
General
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d14aec5525cc27964fc482462f0a9b14&ConfigCode=PMPMIWEEKLIES&SiteCode=DFM&SettingsKey=NORCAL%2CTNH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.thenewsherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 16 Dec 2022 04:15:37 GMT
X-Powered-By
ASP.NET
bee96e65-591f-4ec1-aa4c-edb3a088e873
https://www.thenewsherald.com/
390 B
0
Other
General
Full URL
blob:https://www.thenewsherald.com/bee96e65-591f-4ec1-aa4c-edb3a088e873
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 03:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3061
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 05:24:37 GMT
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:15:41 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
THC58HTQM3KJ8R00
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
JMVcrFnaD0ivAIjOUUHE/lUlKnjQhYyYPrgr5IlhXSpB3Vzwac4dYzYKbVj2py9HKvOJkfjYm4M=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
cdn.czx5eyk0exbhwp43ya.biz/
7 KB
2 KB
Script
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewsherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Dec 2022 04:15:40 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
9704
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (ama/489D)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
737c93cc-901e-0041-31ee-10af5a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| scriptHelpers function| loadCSS object| _wpemojiSettings boolean| apstagLOADED object| apstag object| regeneratorRuntime object| ZeusAdapter string| zeusAdUnitPath object| zeusKeyvalues number| MNG_SSO_TOOLS_GLOBAL_START_TIME function| $ function| jQuery object| MG2 function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild object| appInsights object| deferredResources function| createAuth0Client function| Auth0Client object| authentication_config object| entitlements_config object| MNGAuthentication boolean| disableAuth0AuthFlow object| PushlySDK object| dfm_pushly_options object| blueConicPreListeners function| BCClass object| blueConicClient function| Osano function| __uspapi function| __tcfapi object| twemoji object| wp function| mg2WidgetAPI function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer function| closeMobileAdhesionAd function| keyboardHandler object| runtime object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| setImmediate function| clearImmediate object| wpParselyHooks object| PARSELY boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer object| siteName object| _stq object| litHtmlVersions function| st_go function| linktracker_init object| wpcom object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| comscoreID object| _qevents function| fbq function| _fbq object| atsScript object| bc_json572 object| ats object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| confiant object| googletag object| pbjs object| LoaderConfig string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| MG2DL function| InteractionTypeImpl function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| _bcp object| Mustache function| BlueConicMetaDataService function| RuleService object| justDetectAdblock function| jwt_decode function| BlueConicEngagement object| bc object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 object| bc_json573

19 Cookies

Domain/Path Name / Value
z618.thenewsherald.com/DG/DEFAULT Name: BCSessionID
Value: d5c13101-d90f-4d6c-a16d-9906abb1d29d
medianewsgroup.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: d5c13101-d90f-4d6c-a16d-9906abb1d29d
.thenewsherald.com/ Name: bc_tstgrp
Value: 1
.thenewsherald.com/ Name: _pnvl
Value: false
.thenewsherald.com/ Name: pushly.user_puuid
Value: FxskkRiuL4H7BxCj3UFJV9QVUKi7qoiE
.thenewsherald.com/ Name: _pndnt
Value:
.thenewsherald.com/ Name: _dor
Value: www.thenewsherald.com
.thenewsherald.com/ Name: _pnlspid
Value: 13343
.thenewsherald.com/ Name: _pnss
Value: dismissed
.thenewsherald.com/ Name: _pnpdm
Value: true
.thenewsherald.com/ Name: _ga_JNP6TRHKRV
Value: GS1.1.1671164136.1.0.1671164136.0.0.0
www.thenewsherald.com/ Name: _lr_geo_location
Value: DE
.thenewsherald.com/ Name: anonDeviceId
Value: d14aec5525cc27964fc482462f0a9b14
medianewsgroup.blueconic.net/ Name: AWSALBCORS
Value: WY9jblc4btwQ6cGta9wnnVaMTWEAmIbpoFTFxvrcXGpt05HNJX6u6nfuHjC820ebBfMrDpD6afRpuJdlnljYrtpdRMEfX72diasjd9YgR7pGUTwO9HkSQHny2xu+
z618.thenewsherald.com/ Name: AWSALB
Value: M4wNyWtyhGQS0yBvKrE2UeYwG1VQ7lLVrCzcuXzAuiRIuguj+idmxg53ySF4k7AXeNpQcMcdKOhHj0KhN2qEw50BfklMJqBa05sIuQvTOZiK5LebXKygnENKy7R7
z618.thenewsherald.com/ Name: AWSALBCORS
Value: M4wNyWtyhGQS0yBvKrE2UeYwG1VQ7lLVrCzcuXzAuiRIuguj+idmxg53ySF4k7AXeNpQcMcdKOhHj0KhN2qEw50BfklMJqBa05sIuQvTOZiK5LebXKygnENKy7R7
www.thenewsherald.com/ Name: ABTestCookie
Value: B
.www.thenewsherald.com/ Name: sub_nxt_upd_ac_DFM_PMPMIWEEKLIES_PROD
Value: 1
.www.thenewsherald.com/ Name: sub_nxt_DFM_PMPMIWEEKLIES_PROD
Value: {%221%22:{%22104081%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-12-16T04:15:38.340Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:104081}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-mg2.db-ip.com
ats.rlcdn.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.czx5eyk0exbhwp43ya.biz
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cmp.osano.com
dc.services.visualstudio.com
fonts.googleapis.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
k.p-n.io
loader-cdn.azureedge.net
marketplace.digitalfirstmedia.com
marketplace.medianewsgroup.com
medianewsgroup.blueconic.net
mng-thenewsherald.zeustechnology.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
s.ntv.io
sb.scorecardresearch.com
session.denverpost.com
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
www.thenewsherald.com
ypsilanticourier.com
z618.thenewsherald.com
104.26.5.15
108.138.17.41
13.224.189.41
13.32.105.49
13.32.121.37
13.32.2.61
13.69.106.208
13.85.16.224
18.66.108.49
18.66.15.43
192.0.66.168
192.0.76.3
2.18.234.163
20.60.62.4
2600:9000:223c:a800:3:b7e:8940:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:106b
2a00:1450:4001:801::200e
2a00:1450:4001:830::2008
2a00:1450:400d:807::200a
2a00:1450:400d:80e::200a
2a04:4e42:200::485
2a04:4e42:e00::282
3.229.174.180
34.209.101.105
35.239.25.228
52.217.77.132
52.28.169.33
96.45.82.64
99.86.240.124
99.86.240.84
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
0609d127885700576d3e495193f8be3c7ec31a98fa1bc5d6f65a2134e5ea4313
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08760798aa15696fc2fc24e3854e8e274b1eaf1f8a694f3b96b6cbc870eba065
08dd3641390cdd9ca6d312a534a6eea7011134516cb58741c08d4e10abee2eeb
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
0b1c3e96a2c3257b9a6926221b2104bbb40393742c76ab7704201a035933d4fa
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
128041511b92b8a734cab92b44b41d32c293e29111b65d4a3885951f062bdae4
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1a530a45de7cff1208cd59b6074773035f9ebfec4e03e7501f12dcf0b7357af9
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
23bc05e5003e6a633d4d79ed20821daaae6c06ceabd6ec63c44235a1a258dc15
2495332eea9cbc5525f49204dcdc08c8e089169908861cd0edef778e6c822022
2ecd220f85bd6f9e412a22cb9a8c315dc1e502de4914571245773def0fad1a2f
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
34144fd1687c7cdce3d24386d5a71d93a0fd036f65264729cb36135613190162
34945e9fe22c02e9b1ba570f2d0bfd0ae2bbaf2a3bedb7a1bfbc2e4574ba7636
36210e1eb11abe17ed5860e914bf799ba0a1b5817695168e426aaa34a2ba089c
37e442de5e0689eb9c27a65a12c3a79295852f8dd9896aabca8f8f6c0708dd39
3d3cc925c3849b437f0e6f56de2828827793f511b73f71df8acba11e13b7292d
4255e4ace6e08b544432f062fee688b53ab38b9f13a3808acafbf78076c68895
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
488781e479ac0f453f3393ab549befd06f15055fe25b91488e2cc7444ab82884
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b268b65809532b090676106ebea9089bbdf3d7395f952cdd53b98505f34baac
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5a36cfb2ac68d3fe9f0c85e63ac833ff97220f3ce561afa3fbcba3e7aac3502c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9465be2c23d220675688b5221020b76bd90832a90b2b52e102538bd319c84d
5c3e70806ebe1b75d28f62caa8fbd4ee93141ac9447780965ec8487ce2c11c6a
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
5fa290ebcf3d666df28a8703d3c7a32edd36cc9fd333f243992a70e78f41abb8
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
65e8f8eda5862aa99f8118206aaec31225558fbfbfe0f0f817d3b71335c25095
670ec56bdc4422a5d5af9bffc71aa280bc914fad787abba3f30f2e193ca230ed
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6c1ff552cb56a441d7c77c6a8fe5b5af11e5974d1096dcf597e0668734963818
6d87bc76e474049a82395b73cd40d3eac8d3ebc79ce757c2691756b249d77de3
6eadcc67d37b2ff780352cc10e7a9626fb5c8525bdccbb89474d30a8b7f9714b
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
75e81442032a73e79568a557c0e4a538d383c31e0b9623ab6cfc3fc681759487
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7874dfff4d554bccd31d1ea3b60d323b9f0357da32403a98f10545c23c417e10
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8c6068881ef4ac0f7c15faea225d3c16ff1d1deca7419ec248f6d572be95b070
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9314bdf069833133cb5e8b7b704636871b73ce0b6a81173b01d48b65c83135f1
94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9a35a756a21d6678eb904be1c167a88c6bc2b2011a2824c6ed0a89e19ac7a379
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5e157ad4cf5fee02152660a367a5fdfcbcee5162c75d9493f9f1958d3489dea
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580
ae7d9a08088bc8432ed583f61cfcb44fffb79f1d0264d6b2301f1aa1d674fb10
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52844983950dd1d1e44dedf001371ebb7c9eaf597fc78f97f5d5130d0f32a37
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
bb268e75d6e38043ca66b3a88032b14b793529b473a4cf66934e4f63c049f673
bb50e8ce8a0d31568a455ef2e6bebbaeca592773f7b09f77db54a677c36d903e
bdacbc505cd02e06417333b1b17615745e69af6656c65ddd91b105a1b38641f3
c10e758f98444663560db89f53cd5d43478341c276c5c04d553557c71554ae3e
c3d38da8d4ed9f190fd614659d3286311908402049ac179d00f39985023c3fec
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
d5160a5031b52a3a7bc884baef7e68015f3ed254ab5df11e55278a2ee4ab4ce0
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8d07e67dafce9ce1ae6cb877286ab88be47bf2385bd91518c0f449093aced9e
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7b9f316cf3335e3266a5524dbbae7b02a5eb93763f3a05b48745e585db830
e41cf7b86544c2d38c9d36b699a7daabc04f35f161ab81b7164c421855aa5510
e6656cc2857f2f0040dbab0813520e2df404524aae7aac3bde96941da0af909f
eabc0f4a5b76ceb76d11713e56e77dc230f3672c9df4c43a79089fa69b056033
ec238b506e5e6491a0015153e52ed5e71b67d94d5696b1d2c8888e5cb583d6a6
ecadb8880761df101d0b5f5d780e2bd78ec55c175b264d20ada6b1e4f8c892b4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a4fd6af3eba732125dddff863c391ef066074b4f9f567dfd42368eafc14991
ff0b3b0d7adc47e7b9bafbf0dd71f8b0029511df30b9f797b9866a5545db5828