www.telegraphherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Submission: On September 15 via manual (September 15th 2023, 4:48:55 pm UTC) from US — Scanned from DE

Summary HTTP 375 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 87 IPs in 8 countries across 58 domains to perform 375 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.telegraphherald.com. The Cisco Umbrella rank of the primary domain is 866413.
TLS certificate: Issued by GTS CA 1P5 on August 3rd 2023. Valid for: 3 months.

This is the only time www.telegraphherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
11	104.18.131.236 104.18.131.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	108.156.2.3 108.156.2.3	16509 (AMAZON-02) (AMAZON-02)
1 34	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	3.160.212.72 3.160.212.72	16509 (AMAZON-02) (AMAZON-02)
2	184.175.83.79 184.175.83.79	7393 (CYBERCON) (CYBERCON)
2	54.197.229.45 54.197.229.45	14618 (AMAZON-AES) (AMAZON-AES)
1 5	18.172.153.124 18.172.153.124	16509 (AMAZON-02) (AMAZON-02)
1	108.157.177.7 108.157.177.7	16509 (AMAZON-02) (AMAZON-02)
19	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
9	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
6	18.66.202.223 18.66.202.223	16509 (AMAZON-02) (AMAZON-02)
3	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.201.15 157.240.201.15	32934 (FACEBOOK) (FACEBOOK)
2	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.238.243.129 18.238.243.129	16509 (AMAZON-02) (AMAZON-02)
2	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.159.40 99.86.159.40	16509 (AMAZON-02) (AMAZON-02)
1	3.65.41.111 3.65.41.111	16509 (AMAZON-02) (AMAZON-02)
7	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	18.66.127.127 18.66.127.127	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.85.242.83 52.85.242.83	16509 (AMAZON-02) (AMAZON-02)
1	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
12	116.202.32.62 116.202.32.62	24940 (HETZNER-AS) (HETZNER-AS)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
11	18.66.97.25 18.66.97.25	16509 (AMAZON-02) (AMAZON-02)
8	3.215.72.221 3.215.72.221	14618 (AMAZON-AES) (AMAZON-AES)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
4	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
3	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	52.209.147.201 52.209.147.201	16509 (AMAZON-02) (AMAZON-02)
1	50.16.31.29 50.16.31.29	14618 (AMAZON-AES) (AMAZON-AES)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	108.138.189.25 108.138.189.25	16509 (AMAZON-02) (AMAZON-02)
3	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1	2.20.217.188 2.20.217.188	16625 (AKAMAI-AS) (AKAMAI-AS)
9	34.241.2.182 34.241.2.182	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	34.223.74.168 34.223.74.168	16509 (AMAZON-02) (AMAZON-02)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	108.138.199.63 108.138.199.63	16509 (AMAZON-02) (AMAZON-02)
1	18.195.246.49 18.195.246.49	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.156.28.96 108.156.28.96	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
26	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
2	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
6	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	172.217.133.167 172.217.133.167	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
7	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	74.125.111.134 74.125.111.134	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	18.66.218.75 18.66.218.75	16509 (AMAZON-02) (AMAZON-02)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
3 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	67.220.228.201 67.220.228.201	16509 (AMAZON-02) (AMAZON-02)
2 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	54.76.57.143 54.76.57.143	16509 (AMAZON-02) (AMAZON-02)
375	87

14 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.telegraphherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.156.2.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-3.mxp63.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.212.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-72.mxp53.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.175.83.79 (United States)

ASN7393 (CYBERCON, US)
PTR: cf.thmedia.com

www.accessdubuque.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.172.153.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-172-153-124.lhr50.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.177.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-177-7.mxp53.r.cloudfront.net

embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.202.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-202-223.mxp63.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.201.15 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams4.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.159.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-40.mxp64.r.cloudfront.net

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.41.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-41-111.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.242.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-242-83.arn1.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 116.202.32.62 (Schoenwalde, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy03.cl03.het.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
compassdata.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-25.fra56.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.215.72.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-72-221.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.147.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.31.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-31-29.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.189.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-25.mxp64.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.217.188 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-217-188.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.241.2.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.199.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-199-63.mxp64.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.246.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-246-49.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.28.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-28-96.lhr50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.195 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.133.167 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s66-in-f7.1e100.net

rr2---sn-4g5edndd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.111.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s57-in-f6.1e100.net

r1---sn-4g5edn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.218.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-75.mxp63.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.201 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.57.143 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-57-143.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 17305	398 KB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152 ade.googlesyndication.com — Cisco Umbrella Rank: 329	618 KB
35	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 pubads.g.doubleclick.net — Cisco Umbrella Rank: 412 bid.g.doubleclick.net — Cisco Umbrella Rank: 949 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	266 KB
28	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8030 trends.revcontent.com — Cisco Umbrella Rank: 2550 yeet.revcontent.com — Cisco Umbrella Rank: 9031 img.revcontent.com — Cisco Umbrella Rank: 13098 cdn.revcontent.com — Cisco Umbrella Rank: 9388 images.revcontent.com — Cisco Umbrella Rank: 9446 media.revcontent.com — Cisco Umbrella Rank: 14688	256 KB
17	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 337 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 675 aax.amazon-adsystem.com — Cisco Umbrella Rank: 418 s.amazon-adsystem.com — Cisco Umbrella Rank: 330 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1065	138 KB
15	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 14127 embedcdn.sendtonews.com — Cisco Umbrella Rank: 15353 s2l.sendtonews.com — Cisco Umbrella Rank: 14150 player.sendtonews.com — Cisco Umbrella Rank: 14961	372 KB
14	telegraphherald.com www.telegraphherald.com — Cisco Umbrella Rank: 866413	198 KB
13	rubiconproject.com 7 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 967 eus.rubiconproject.com — Cisco Umbrella Rank: 669 token.rubiconproject.com — Cisco Umbrella Rank: 657 pixel.rubiconproject.com — Cisco Umbrella Rank: 402	18 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	250 KB
11	cloudfront.net d29xw9s9x32j3w.cloudfront.net	483 KB
11	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 8334	5 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 388	184 KB
10	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2408	295 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	671 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	359 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	42 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2787 ampcid.google.com — Cisco Umbrella Rank: 2819 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	284 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1907	34 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 427	62 KB
4	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10520 compassdata.mrf.io — Cisco Umbrella Rank: 60349	49 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	896 B
3	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 331 gcdn.2mdn.net — Cisco Umbrella Rank: 1293 r1---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 430843	17 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5677 ampcid.google.de — Cisco Umbrella Rank: 71967	889 B
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4447 buttons-config.sharethis.com — Cisco Umbrella Rank: 5278 l.sharethis.com — Cisco Umbrella Rank: 4833	47 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 151
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 939	171 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 81	67 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	263 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450	7 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	660 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	25 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 568 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553	67 KB
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1107 lexicon.33across.com Failed	16 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 946 bcp.crwdcntrl.net — Cisco Umbrella Rank: 963	12 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	591 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	187 KB
2	secondstreetapp.com embed.secondstreetapp.com — Cisco Umbrella Rank: 55897 api.secondstreetapp.com — Cisco Umbrella Rank: 49622	54 KB
2	accessdubuque.com www.accessdubuque.com	12 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478	619 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 410	513 B
1	googlevideo.com rr2---sn-4g5edndd.googlevideo.com — Cisco Umbrella Rank: 63656	1 MB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	32 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 550	558 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 268	710 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 639	549 B
1	undertone.com hb.undertone.com — Cisco Umbrella Rank: 4047	524 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1265	180 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1246	17 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1143	357 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5704	173 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1086	410 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 749	12 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1583	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1597	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 660	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1593	3 KB
375	58

	Domain	Requested by
54	bloximages.newyork1.vip.townnews.com	www.telegraphherald.com
26	tpc.googlesyndication.com	tagan.adlightning.com 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com tagan.adlightning.com
16	securepubads.g.doubleclick.net	1 redirects www.telegraphherald.com tagan.adlightning.com securepubads.g.doubleclick.net
14	www.telegraphherald.com	www.telegraphherald.com bloximages.newyork1.vip.townnews.com
12	images.revcontent.com	www.telegraphherald.com
11	d29xw9s9x32j3w.cloudfront.net	www.telegraphherald.com cdnjs.cloudflare.com embed.sendtonews.com
11	events.newsroom.bi	sdk.mrf.io
11	cdn.cookielaw.org	www.telegraphherald.com cdn.cookielaw.org tagan.adlightning.com
10	tagan.adlightning.com	www.telegraphherald.com tagan.adlightning.com 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
9	www.googletagmanager.com	www.telegraphherald.com www.googletagmanager.com www.google-analytics.com
8	s2l.sendtonews.com	embed.sendtonews.com
7	googleads.g.doubleclick.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.telegraphherald.com
6	csi.gstatic.com	www.gstatic.com imasdk.googleapis.com
6	yeet.revcontent.com	assets.revcontent.com
6	c.amazon-adsystem.com	www.telegraphherald.com c.amazon-adsystem.com embed.sendtonews.com
5	pixel.rubiconproject.com	3 redirects www.telegraphherald.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	www.googletagservices.com	tagan.adlightning.com
5	fonts.googleapis.com	embed.sendtonews.com embed.secondstreetapp.com client 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
5	embed.sendtonews.com	1 redirects www.telegraphherald.com embed.sendtonews.com
4	cm.g.doubleclick.net	2 redirects www.telegraphherald.com
4	cdn.segment.com	www.telegraphherald.com cdn.segment.com tagan.adlightning.com
4	assets.revcontent.com	www.telegraphherald.com tagan.adlightning.com
3	aax-eu.amazon-adsystem.com	2 redirects www.telegraphherald.com
3	s.amazon-adsystem.com	2 redirects www.telegraphherald.com
3	sb.scorecardresearch.com	www.telegraphherald.com
3	ade.googlesyndication.com
3	www.gstatic.com	3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	pubads.g.doubleclick.net	embed.sendtonews.com imasdk.googleapis.com
3	trends.revcontent.com	assets.revcontent.com
3	fonts.gstatic.com	fonts.googleapis.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	sdk.mrf.io	www.telegraphherald.com sdk.mrf.io tagan.adlightning.com
2	eus.rubiconproject.com	embed.sendtonews.com eus.rubiconproject.com
2	www.googleadservices.com	3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
2	www.google.com	tagan.adlightning.com
2	3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
2	targeting.unrulymedia.com	embed.sendtonews.com
2	www.youtube.com	tagan.adlightning.com www.youtube.com
2	www.facebook.com	www.telegraphherald.com
2	gum.criteo.com	tagan.adlightning.com gum.criteo.com
2	match.adsrvr.org	js-sec.indexww.com www.telegraphherald.com
2	id5-sync.com	cdn.id5-sync.com
2	www.google.de	www.telegraphherald.com
2	imasdk.googleapis.com	tagan.adlightning.com
2	cdnjs.cloudflare.com	tagan.adlightning.com embed.sendtonews.com
2	cdn-ima.33across.com	tagan.adlightning.com www.telegraphherald.com
2	cdn.id5-sync.com	tagan.adlightning.com
2	config.aps.amazon-adsystem.com	tagan.adlightning.com c.amazon-adsystem.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	connect.facebook.net	www.telegraphherald.com connect.facebook.net
2	www.accessdubuque.com	www.telegraphherald.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	www.telegraphherald.com
1	googleads4.g.doubleclick.net
1	r1---sn-4g5edn6k.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	rr2---sn-4g5edndd.googlevideo.com	3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
1	cdn.ampproject.org	3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
1	media.revcontent.com	www.telegraphherald.com
1	cdn.revcontent.com	www.telegraphherald.com
1	img.revcontent.com	www.telegraphherald.com
1	htlb.casalemedia.com	embed.sendtonews.com
1	ib.adnxs.com	embed.sendtonews.com
1	hbopenbid.pubmatic.com	embed.sendtonews.com
1	prebid-server.rubiconproject.com	embed.sendtonews.com
1	tlx.3lift.com	embed.sendtonews.com
1	hb.undertone.com	embed.sendtonews.com
1	api.segment.io	cdn.segment.com
1	ampcid.google.de	www.google-analytics.com
1	s0.2mdn.net	imasdk.googleapis.com
1	secure.cdn.fastclick.net	www.telegraphherald.com
1	compassdata.mrf.io	sdk.mrf.io
1	player.sendtonews.com	embed.sendtonews.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ampcid.google.com	www.google-analytics.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	js-sec.indexww.com	tagan.adlightning.com
1	ads.pubmatic.com	tagan.adlightning.com
1	cdn.jsdelivr.net	tagan.adlightning.com
1	tags.crwdcntrl.net	tagan.adlightning.com
1	invstatic101.creativecdn.com	tagan.adlightning.com
1	oa.openxcdn.net	tagan.adlightning.com
1	static.criteo.net	tagan.adlightning.com
1	cdn.prod.uidapi.com	tagan.adlightning.com
1	api.secondstreetapp.com	tagan.adlightning.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	embedcdn.sendtonews.com	www.telegraphherald.com
1	embed.secondstreetapp.com	www.telegraphherald.com
1	platform-api.sharethis.com	www.telegraphherald.com
0	lexicon.33across.com Failed	cdn-ima.33across.com
375	99

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
instagram.com
dubuquetelegraphherald-ia.newsmemory.com
dubuque.bigdealsmedia.net
thmedia.newzware.com
www.biztimes.biz
www.firstcitizenaward.com
www.herdbq.com
myvacationland.com
store.telegraphherald.com
dubuquetelegraphherald.ia.newsmemory.com
jobs.accessdubuque.com
www.gofindmyhome.com
www.gofindmycar.com
portal.cityspark.com
telegraph.clickitrewards.com
twitter.com
wa.me
dbqfoundation.org
tinyurl.com
smeagol.revcontent.com
help.revcontent.com
www.revcontent.com
www.microsoft.com
www.google.com
www.mozilla.org
bloxcms.com
bloxdigital.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
telegraphherald.com GTS CA 1P5	`2023-08-03` - `2023-11-01`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
accessdubuque.com ZeroSSL RSA Domain Secure Site CA	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-19` - `2024-07-21`	a year	crt.sh
assets.revcontent.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-25` - `2023-09-23`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2022-11-21` - `2023-12-20`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
ssl03.cert.cl03.k8s.mrf.io R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
ssl02.cert.cl03.k8s.mrf.io R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-30`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
img.revcontent.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
cdn.revcontent.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
images.revcontent.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
media.revcontent.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-12` - `2023-11-21`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Frame ID: D66CAAB80E21DABC4D2B33475704EDC5
Requests: 238 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: B1D72CD7B3E068D473E9481A12E984E5
Requests: 24 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: F66B852AF4E52739920019FE0CC5AC9C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com
Frame ID: DF45A89E4AB3719032D8367CC1272A32
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 4D48F7F12C5E4EE7C5296D08769C504F
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D8732447ADDB877761A6BE32BFD9BA24
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BB4E0990EA4077DC70C9C690AF906863
Requests: 1 HTTP requests in this frame

Frame: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1B45EEB50AAA6160612C53ED3696199
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 5F4D42181FC6B8715A38F3F6EF080CA0
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 4A967ED39C05DDF52820A5EA5A59F654
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 199295C13603EB25C5C5CDE45A095D12
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: E14F095DDC47F834AA705C464B403368
Requests: 8 HTTP requests in this frame

Frame: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B9F852EF74DA0FB217ADBA5F5B1D688
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 350D722A8B0C046578B333B0820BF455
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01921C34CB0315A3803DD8F94653801F
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Frame ID: 05105B83BCA8035D895982A8EBF1D647
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 403B7A4D3BCF6DF494534CD1CB863C27
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Frame ID: 00DB7C1294F11DACEB7ED9D07417E729
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Public comment sought for draft of environmental assessment of Cardinal-Hickory Creek line | Tri-state News | telegraphherald.comBack ButtonFilter Button

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

375
Requests

95 %
HTTPS

0 %
IPv6

58
Domains

99
Subdomains

87
IPs

8
Countries

6645 kB
Transfer

20234 kB
Size

36
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TelegraphHerald/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/telegraphherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/TelegraphHeraldDBQ
Title: YouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/thphotodept/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://dubuquetelegraphherald-ia.newsmemory.com/
Title: Today's eEdition

Search URL Search Domain Scan URL

URL: https://dubuque.bigdealsmedia.net/
Title: Big Deals

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/common/template.jsp
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://www.biztimes.biz/
Title: BizTimes.biz

Search URL Search Domain Scan URL

URL: https://www.firstcitizenaward.com/
Title: First Citizen Award

Search URL Search Domain Scan URL

URL: https://www.herdbq.com/
Title: HER Magazine

Search URL Search Domain Scan URL

URL: http://myvacationland.com/
Title: Vacationland

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/product/your-neighbors/
Title: Your Neighbors

Search URL Search Domain Scan URL

URL: http://dubuquetelegraphherald.ia.newsmemory.com/marketplace.php
Title: Today's Print Ads

Search URL Search Domain Scan URL

URL: https://jobs.accessdubuque.com/
Title: AccessDubuqueJobs.com

Search URL Search Domain Scan URL

URL: https://www.gofindmyhome.com/
Title: GoFindMyHome.com

Search URL Search Domain Scan URL

URL: https://www.gofindmycar.com/
Title: GoFindMyCar.com

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/TelegraphHerald
Title: Submit an Event

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/2023-telegraph-herald-trips/
Title: Trips

Search URL Search Domain Scan URL

URL: https://telegraph.clickitrewards.com/
Title: TH Perks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0EFWeoruB88n346EpgFmPg
Title: Video Gallery

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/dist
Title: Carriers

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/telegraph-herald-trips/
Title: Trips

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&via=TelegraphHerald&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://thmedia.newzware.com/ss70v2/thmedia/nonsubscribers/core/ratelanding.jsp?edition=TH&delMeths=A,C,M,I
Title: SUBSCRIBE TODAY

Search URL Search Domain Scan URL

URL: https://dbqfoundation.org/giving-center/the-local-journalism-support-fund
Title: .st0{fill:#492E77;} Support Local Journalism

Search URL Search Domain Scan URL

URL: https://store.telegraphherald.com/product/th-article-reprint/?article_details=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%20-%20%20https://www.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Title: Purchase Article Reprint

Search URL Search Domain Scan URL

URL: https://tinyurl.com/rdue5tyt
Title: https://tinyurl.com/rdue5tyt

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/g3qt2-TolGvpPOvHHXOe01Wl9lPa3-6ccDoJfiHdLNpWAVndtQTinuyG5aGSG7B0P45QAcJajbYqsL_ttWk2Crx7TtEHGZKLUjSR1t6-lbjZrCdqduIG9mYExBlu9IGa4NeVhdPIzGZbH2kOk5iDq_AIKdq4BR_BsvshK_7S48bq2GWtRb7Ct0N43GmMQenMK_EFdvwhslhrXm7AAnwnsV8objFYRapyD0__p0q9nkf1sj_dR0KjOTS3fd12--rrLXIr647Tq-SF_HBAbTkVtwPXBoqa0h1rEkhPI5ww2B566RUls-kt6bRlmLcHJXkCB2q7WRvpQKFj9fGivpgAkEvgzNonLyzu5D7QW7W_Up9S__7neTyRGtxPaTL6AxifpCYW3xW7s4ti-tlRDr2WKeNEMHi4iKCoQWkQT0XJkEXAba4dSZAxDHL13JdRRrAaItFDQ_fS1SI56cq-SGScFUbiNgUt-is1NVpWx-N4rV1uzact0UoFmxAK4mDchac3o740FPxvf2ubpsO_ubLwV8Amf8FYqzKNBQKB_pS_zLhj1K894LtsqV3B9mNvJOwznWtBxyDhiJSJ5NPKaAV16BGLplg8mzf0dOXogO_gJveKPG8kejuqY8w6POY6vD-wKSGyeiP46lG1jJ3sR-seUlvkmDnD_GRTmKxTNUtt4CODJNinc6c?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABAdgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Internet Without Landline: Prices in 2023 Might Surprise YouInternet Providers | Search Ad

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/uZmjyMx-X5x9jAdoKQJrTLcZKB2eBr1ht0EV_7VcUO9Sd-2EZnGUAuNZPRhP1Xcxt7bZZBh-SfQcNctoOQeLez6_pvarUbhoys86gmYRjX_p1HwLDdNVKW62oM9myh8bB92sw5R202CKsyL13VsdpJqxyIrj0jB4UVJXfQkKEtwszCVqU21UeshUbSjJBMnHUmYmVuCgQJORPWEGfaJlPux4Zj-UYn4t2yQfkz-tu31FDkDIDdtTRIP6VZxovZLq9jJ_G-vwjTSJZNek5X5CC6iB1WBRgcWzloukC-yrk2tdmFSN17SV_6Uuu5d4j2S2tYn5iycUXwl3lBMv-98_QbGy2luSgMDgoP9XQ_8BVCQFehD89Smuc636NA_Rw2x5Pm7Lo-o2SJz4vAI9fwIbBvFnK55vbG9601kKXNYvOq90GlRjJDvcIdJr9FotJgfxsE-fBwmIXmtVXH8hp1qb9kH1X63pKbfvMSgXgs5V_greWijj5hSCbiubK-bXRzg_a2fWD9YJeGsEAnCszIGz_wJiARbjyJiWDvLp-6C6nGpFu1y_ybGHqZVC10fr4N11AWuyWEmVpyKgnrf4rHwt9xoeQhggzI0NNygOcco0JLlXjdci3tlUeAWF?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABAtgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Abendessen: 10 Lebensmittel, Die Sie Niemals Abends Essen SolltenHealth Natural

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/Q1k6KQ9GsrT0lxmKWn04r8tzm-6tGQAWhDNHk-bkjaHLthf8i9ws87BhcNBVIGzlE7C6ADrnMHy1kfiydrvJY59eClslPsalopg6FbdPZhwWp07DmYGgvr1OE9dqJl1bDCWHaJg_IbHSDtuXaDxveoF6_-QFwhLppm02t1zMjGLWTbtZjg1iduzBQ8iSSwpNSL2rNN8F9xaZsb_6-zwDDSD4-mBHRp8gKRPKaAXxQ3sU-yCk78KmEr5b1OC4e7ShWtUrtP5PrL4gpifH89q6RtYCrODSRIxMZ0-ppH-RO_5IuS9gqQoCRW4CBTE62cAAdyNV6HUuKpB-pFzPgpF-jeMuot_5OybPqlmQMv1x5IUqyznt4pGIhN6OdUtZ8A5swSAkslP_unZBwbTnqnbRqgGvuec0s-ue9SZXfAzoVbUT47RXUM2oFQ2A3mV9imFvLRNWI88ROcK_L96YaCYzecGZcUjhsGoscXWiES5kx_sBsezKDCj_rq8Is9OahwXrhSWkSuAbG5Cip-i0-P--5WD_GnXI8ORiC2iyRSZKWFkTf3QM9A7f3pqbogVdgIKYl0VJl5qitTTmJBPvlEXQ33ou6S0rfqLKyBKHFkF9intErrcYhET1u0QdaoULRd6OZenSzYLqLvu91PzKvzrPRc8hl8Zrct2dmikmx4JwOOP8?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABA9gBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Local Area: Unsold Prefabricated Homes Are Almost Given AwayHomes | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/vZaiJl14hAETysAxapB0fGoK2D9BoPKZcDfPd4s1KZeWCXE8vSarIvblOokpmknFHAZXF5x4XdfsTZ-zi8fbhCw7zOYcbNNN3jEEQrcvsCa5-Fnfo5FmYt0fuTbupAea9H1KOQGS5voeCorVQKHpdylv9mfVchm6UNaNtR-uKJU7HpraKR1xHb4r6KUoBnY5ldJzzWikkGIVeduIVwurN2Bh4C6UM7ILcG85yFTdEuy9ThKe0QlPVrfuaPMjP-PjH1PnwDo6V5OebMgxPhE45OYZrmgUP9ag4Jk51Lt4lV4Vyt7hqAAfek7L5zOaG9I_dX2ggPFKSBy7h0veJPRJrfSN-pmQVjop42fVAe8l0EWXxn1JTG4Yk87uqsaFjq5wEUbQMPB_kK9kUxavpS4Mh1MjZn-5uEoR1CPEgsYP3TiXXysnKbsp1ZKpJSgLuLpztk0mdJ0gE1stn6LN3244TJ0ETGsfLenrFDuszWz_zBkdlViROt1GVP88miSLiG4SmARn9FgcC5bC26pjDM152ugeZl2J9PAAP4aVc9e433Judeil05bEuKhki8AdJdKe8V4JS3j6-FykcV3AIhlGrz2bpvY0bgpMoo1J6VO2RZ7VysuMJUsdWok4gs5lIJSxbaWBZ0eZFzoTcyicq_0q6mWZlu6fR61UooMuck2jZadSc_6Fj960TQivIg?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBNgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Dental Implant Local Area Cost Might Be More Affordable Than Ever!Dental Impants | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/LoV9jZPu_1QZZnnTjCEIJyrCCBV_4hOUsAUzAVk4eIhSnwwFOdLBrF4sYZN6F48g9H8NOB8_MHDq0bXI_k5PzOdV1Zxnk0hjiPR736YdihZASbnPA-T-VzWtYXcJpLspIlG0jPaO2fi3KpK-p7WWUFCBNAQUuW3YmjxUiNErispcm8FasLekPNdpDwlgzB4Z5it-Gtl-77vSpnF2-uJhjFLEcDhWO7PknuGJgaquM64Ad2-_vOqV0Bfl1P74cIVOzx1qYywXt5bHYkFBOVWOs2FqEsynmroBslWA1KqWcecugND0BZ8LqxraK8vtdcVArRFCpisXr9dnh1VpIQuZV_5zrfwsy3cxBZ-vpDUbS_YtNxjibDL_MnuI0PN7CkQpS0FE_XtKP8cym1yJ_RJpwUt6U6PvuHdfGBbhQQtFpFH0f1Mgo78rx4s1m4f7f7m4sOo8541U4VsKlU6pv1uBsGisNUADO-xNUXcTn9f121DkvvvFTJLLKf0F6HWxkM1OkLCa0KyVD7_cwm6vepzi9rKcBgs8Ii91y-dnV0_fxPIeMxLhstJuRr9467MUMiVLOOqGE86Ic5SzOmHdiBwUGdiEwrSfdsV2-kOo-rFmxzolQ7ptKp2MwROG0om2Md-DRLehhG1UzXRIs5avJCN95Q?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBdgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Cost of Hair Transplant in the Us May Surprise YouHair Transplant | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/MyWnnT4oEwyXR8o_jia7DXIOKSg20TBgQToWBlViEKgsa9KyjweETuqU8Ynf_Yx4GQxTM-FrIewA4JHpYxFKybN2ALEEZ0k1t9YjTSGbVBugTKRnZc_nX9FqbrErkSxizoJf9_4u-Koj7C0OlkCo4weJFsE1RoN_AUPxTd4lMR0mt67ySHqu_15zrHzeJcXV7uBzYIWaKSmRrrzbXOGuB5uYHW10s0HAYwZG3UqFMlb7n-awbMFTFGw8tLWvCpeocYdNrBvWgLNzTfpzJstbBO7HeU3XNGBmoD7YScCowUZPoxG9W1apKmVCnxiF_XW7zboOTO8sOeYJfBl355Lx82INFhWCR71CKWcwAnCJ2qx5Jn0h0g5OG5BYu37nxhzJvaqBBM9aKhhNFbvrepoBD-7CbRzfmCFDJey-8jgEZ0PRqZWrzr4bJdSPtIcg5H0Q_K81ZtZm3TlaHCYPb65MSOBe7YAtJuYnaf9uib9zQRcxsnPFxCpumhNHUpGzzjm651xkk2uihbbx3yz7Z6ycehyUme0KNFf0FC18kcUlwtpIBrSxZbOpzABLzYgjtJwftZ9_3-JsBJLiYaIdHkPccL4nEPUc57q3Nq89JwkEb0AIXtGR5gplOvTzK_beHHx4zVL9bC4frQ9ytp3pYutjFFtOdN9PNC6C6peWLAPhe31--ehQwxD2Rv4MmDvh89FAT9iBcWsmVQBSU8k?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABBtgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Local Area Mattress Stores Could Offer Surprising Discounts (Take Note)Mattress Deals | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/9RzpeTvazHqXMXem6IyH0rvTWnlzXHPv-fc3YrUoGR2koB6h5uZJtaW9cU58_3w7cHrjW7u6H1g_oYwMyuQp_D898qk9__2VjX3I9EBdIsb6uoxl1Bzrpor4BbY0foY4hD1YrDcdHn2nLDVZsNoeyIvuGKe6Ha-xuCWdbTBm_iX0Aoe_8RGe2TWvf2MoTm-4Mw6xqNUEZ2eA0o-p9fjw4k7addYRtwizsTYFPr2Ys3MnJTT1ruuD_BC0x0tiwQJehCn5LPyawa72vdXmzRMMU22ip3b7hYpW4IlMosXDEvBl0YVxGYFTnI3l37mwks1Sjen-6TKe-k6f1uoQhQYoA_aTmlj3u_G99mM0D3K9hmrKYC2pauEOkmox-lnNepAxmK02ZhBqYOI8isRcxNWYeYiUulrtuIu8DNS3bwMLz_yF1ohUbuDRT451lR4TrWcSjtcmA7DH_Yf5_fs_T-GX9yFf_geK79IFrDX4t2DIxyGNjQ_UZ2BFEKd4smhBgomUDDWemZsbSIPWffSmvojcWtvNep7jS293tvFKih3ff1Ubd8nFitXIRtU7yoPWk0BlEQpLyShdssKDEyVJb3_AVvIofNSGV7lnqJZMVcEgg8WfieyDE06Ax-0Yw2y96VnrtxjoKBnEtihWaa1MdK-4uB4q1rUdKzmnsL9pawYQryRZPcWP1HSxLcbkE-U-nvtXt1EVrkMqdddZ58HaW37XauaYBCccyWEKkLV_9uYAFoEQVACrpF9H--W8Y-yIMKk3coG69WRg484r3PCaACHY2Oe7yeuls_vTxRMqzwCZLARqwSn0KEcvyU22u7kOhGTXjbx2YTZ4kZ-NkBaqHoX8EJphwpFBY-eP1ACcd2BJYBka?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABB9gBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Eine Einfache Methode Zur Kniearthrose – Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/nR4BKeMiTUJ7mOkIklhvoZGXeJU7_U07iyk7-nNPCXZvlC25N1U8FikJqZNs4DBhoku37_IwkgDm6gXBQZg_OoY6rq2wEHA5AHH6uDRKDfruBQOf11DJl0KmGqQ_uu07ckZeQVv3I2lFEjU959h7PZqpxRas64fMxL_qq0sm74cpVqiKljIdjvGtC6OiWc-Y4jemFyo3An7WwxnHFzaUqTcJkJD8CM83J8S3YyUUlL_gKYYYyIt1z3Rh13VntfdPYwqmI_CzoVQUehtzIbZX7OMfwD_9VN8rc5ekUxtb62rnlNogYasXQnDpc2Zfez5bU72PB61esCfQ21wZq3MJ0S6_Y8yWfpy2wxzFyCZk0R4xvWkk8XZeZmWNsNgpUS2U10fGA87KqV2rYiaUFcI2e-lbEwsl8BIRmqO9DjayRBxTRd4lRQ0vrzo8KVR6qEUGKDD0aCyRF56FiFTsCKMOv0-R75s7ovQLlMdKZNgxKn5G3XU9mcKWCQgHTGanYSgvAAlYwLJb5XUEafP2szRU9G8ZpLHxaZ_VpvGoxKn-1wxc4sbJ3gAnfD7-yc7UVceuPBHBn84t2gt_uzqAwoBTDDDUS1OUUVAMvm80kpXWcngxA60zq2CXTRGqqsvaQKycnv2-xl70sk1-37ZHw_MYGItzsfYOZB3VhGBJLxHLjmcANpMQ4fo?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCNgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: How Much Do Electricians in the US Make in 2022? (See Salaries)Electrician's Job | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/R9F1u6X6ZO9MEm8hR4CHCZ9duU1zIzBYzoOYEi4W5KlZR9wYYQcICoE3erwG-S_XaJ8e1vh1l_DUsX9uCoNX4KNQuDWwy7QmVlL1qbeFX5P8nXNI4M70KE1ZttMesz7esivGcfE_XqIeqyh1c6InDU2VKWMXMgkP_Do-fbi5RSHTThBK7xl8S0HcjawdpScRR7HY89Ebatoy4FOd_EzUIGZkNaop1uL152l8LtZl1F7qoPe0xgpxIvBS6MY8AsV7biNqajaTLWzfd7YLlKvsdw74GTddRZFXyuEUQjZU_vzpiMpr8liX4buf2ptvIucSAikC_wH2o871tsEmxBcBZdlov5UduMZvZ_7rM2GGpSKZuXbFQyR7oskOUL_YgNZL4-uJJXTnXcA7M-RwffSuB5mUxzM143dQRqsNazuTpROG9vEY0ZDm1rBnvQk4YiawveRKX3tnDp5At3okfTEkfmzTDj9pAgXxMA?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCdgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: The 50 Most Romantic Hotels in the World for 2023Best Hotel

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/x6Hir5RV7Zzx_Ve5DYTkFdV-2vjlUoWLUd2-uAvA8rvyn4WWndk7PQU77-erFtCxh1YFR4Mn6bCSF3iy10sY2iUy0fXEmOhJNWH2fIh0tHLx_pQO3gXMMqcODxacQWMiIYJDnIFL4ozyCsiJ4Irfe3oAqL5zJkMcFF-60IoYPDvPHqTlR8D1oWHg7STagRYyBuh5i7mDMEzI-juU-2TWcu_0GA9_OWwTglWuRyoy_1egKSAG3dGFVN88EegFySB3_DLufaG08ln5icB0R9F_5qiXMMAnQlKWnaPZvigNBBRW7xnpX_JGqvZIu0q8D1H4mtJpY_TepLOTD7-3w6484mppz5aOowsvcGg7BVyyNXXSSCT6RbMarlPn1oLgg2bNz0ysW4yZ3hPBE8ajEYgzsq6zZfPeyWl-192o5VMSGeTxvKFOOSV8LnQRrBaz9H3qNFyTeaWSr5K22eFLIcZmtAdVYh6KsF8HOm_FTrwwAP8Qe9qHUeTObWEe2vRZ0Gv_xoALzOalhTRtCCHLTGBVGfqbNdua7gZF_458QQPT2VrYc58Fxc078xjKo71gKrkTuGo7pb45Xj48JHNhoZXmMik?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABCtgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Local Area: Unverkaufte 2022-suvs Fast Umsonst: Siehe Preise!SUV Deals

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/SGKfpHGJxdclJ7R51Jb0c1ldE1Jo7GZqhM_6S3yVLPNpvYiD5sqPQ2yBJEfm7y5bP6OViFlsgkAJQb3mITG66YufbqnuUaRPK8K1EZZv_Z5JQ3pFQUrug7QzTsTvozqqH32mIb1AMhcuJqbrTa_lWE5b01D-9vnRj4nAti97q3BjdTQp6BOTv0E1fWfCjwLvlbqnSJVaqW02gPhGiOuOFycxBUNJTfpTMCJWCHxPyYiMF1Gijpn8LVP2pmhvbA1zNPaqQnJB33UIX7qoL0AaIx780DDQgTssSm0Nrev9-iphMaS1ZWsv4Z3aUN1WK59QyIK4gi9gtCQlEOGd4E_cZyxMnKt_DAoI0Wk2tD6QiNRndOmEPBKyqx6TXWG9i0nNEzyCEcD2r2hESh_slZCYsQ1Be36Ip2VfrGhy-0quyWiKYheOQ5Kfarxf-dt-qrhlvJG5k4IEaSOQbaGPz2EYM9TK4jVxKOvq8qN63tZTa-TtkccmVwJI4Od7dRjR_RwtOCEqeEd3Y6bvJWkXQM1rATumO2y6L8ppJpaGy68cgd01GUEzU0972VKlyCgFI3mhc6wCP0wg-AZe0dq9UdmuhQk0poT1PT4bAdCztTDiS5YGaNJW6tDFtKClOUt51tfoUiYoIA?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABC9gBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Wie Eine Feuerbestattung Funktioniert, Sehen Sie Sich Das an (hier Klicken)Cremation Services

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/DH-TVWHp_wnRXhOX-jeDHgnoZ3RjSaVekMcyVC2H5ylfOacpnlOqKdbRrD5pRPla8L4vaZErXf231SxEN0UAUbyQJvmXb5uEgLAPg7FfiN8TWP_55GQkvLOdSIvtZzlDONByHufaJAlxtk9NMDTOAnDjMbs5XF-d_kpTMnPFY3xECEwMy45PBjYqFJR7UEA04rJfZsfnzdGkahKHCYwUznogeO6CrzWSaNDuef2OpDAbaBV8N1APh1GPs6udm-ffr1KNdbCqocXm5OZRVVYq6oDcvxMOK-yXGnn5gVjh2ctkYeWbvadiKGUocY9aZ0CtpHt8kGVb3Klw9hxvRX5T0B_4v1zH3sS5pGOqUfwEi3oO3tSxS6kTZTOgHuiR66IpjUj7s5C8JMjh7HQokOeyScWtsH6DosQzOrfIfqcZ0yDLDmcQ9TEzgjN0Qb_-x5r3oy5s5WkXk9NLzOapBSEAT5Ph3Y-PQA5nuJ_R8mI0BBxuHPg4m4rPb24oeoazsLgPe3-tdnbTOFX4JdFDYOl0HcMc_bo6EuKW-1TEHwlsYe0ZrLmYyCcSdCQ9hrBaJf4F1FuvZdWuW-vdQDBppaEf2reLuEDYr-TodZb7j5ZVQq0VcO6WxJIu42FW9jX2I_KAeTSShkg?p=GgFDMNqVkqgGOiRjMGFmMDZkMS1jMDRhLTQ0NTYtYjlmNC0zYTJkZmU4OTZhM2RCJDQzYTE1N2IwLWQxOGUtNDcxNi1iZTNkLTQ2ZmZkZjVkZTJlNkoLd2hpZS13YWxrZXJQ5pwJWO7ZEGITdGVsZWdyYXBoaGVyYWxkLmNvbWoHZGVza3RvcJABDNgBso7wAZEChetRuB6F6z-qAg4xNzYuMTE1LjIzNy44OeoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Zahnimplantate in {Stadt} Kann Billiger Sein, Als Sie Denken! (Siehe Preise)Dental Implants

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TelegraphHeraldDBQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403 HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js

Request Chain 319

https://securepubads.g.doubleclick.net/pagead/adview?ai=CQyvp2ooEZbqMIOas9u8P3LS06AXyyt3Ib4G7zJuRCmQQASDViZMWYJUCoAHuzPb3A8gBCakCUuqVUizgsT7gAgCoAwHIAwqqBIkDT9AsPwVO5npiJpKzFzIGI2nBTPEmKs6iI5NDVPb0CRuGSqoG4ckNIS8FSWseoM3bME5r-LDS7ed-AZbr4RCILUb2L5_3CFAT24ETmF7VrWThAFw6cdT_DBGd6MzZxWE_QFf3ahNOe0uujTRBcZxQRbL3h2rG5AedPZgv0lU2m3SJeFq-q29sD7EscQlS1cT6sQ2wmaKksNbooaTVlKhEiKmvh3oP42eaR_XdRiZswx69VzZotAD1UuqkNms9YQ9Lb31OQ0XPySeZfckGfe0wCLc25FS4d89SdR5p1tEkyHRhU7BKpzULMXti4Xce_8ofvFiyWKJ6McWslILnKcUV6LQDEMIeaKoYqVqbPejm2lw2DdUXnFDcz34y413mc-O4wEOmiu1OC0uTVihRQlkVy2No48p7vZtPQCmqUY1mInRyeMbzTfnMfYNe8w6k7xaucoTBmw9M7l1J9q6wfaRMIqEwaeTakuuUt0AEHed6XmIdjFlvmGNjNk_O02pdbx1A3kgFux_lyiEMwATdqa68oALgBAGIBZLOnJAYkgUECAQYAZIFBAgFGASgBi6AB_qyiQioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCoogzSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi05NzUxODk0NjQwMjY2MTA2mgkwaHR0cHM6Ly93d3cubGFwc3RvcmUuZGUvP3RhZz1kaXNwbGF5JnRhZz1ncmV0YXJngAoDyAsBuBOcG9gTDYgUCtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjQ3OTE5NDA4MTMyMzIyGLzOGQ&sigh=r6mUnlHpQj4&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWXBMMgqBXuklXwoN9hMpW-qtnXcJi9JyPAhv3zM7Vm2cdNPy-lx6dtqrKvzVeTnvPitOoSFW2hR5_K-ylm7AhKU-Cxp2nyBgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210172506089370299557%22,%22debug_reporting%22:true,%22destination%22:%22https://lapstore.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%221056810606%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226773068196818508193%22}&andc=true

Request Chain 335

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/612D6C16D7B8C377E9833E3C69CF1D7D463E2D63.2B7FCCEF25EA66394D579AF9B691C5CF8E166C21/key/ck2/file/file.mp4?cpn=QcR5e1b1ISCNewo0 HTTP 302
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06DC008C35DF6DB5531BD427D3C7C67BB1359DC6.7F3648664042DFA269D17A81FD0304D7F6F12BFF/key/cms1/cms_redirect/yes/mh/qX/mip/176.115.237.89/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694795852/mv/u/mvi/1/pl/22?cpn=QcR5e1b1ISCNewo0&file=file.mp4

Request Chain 364

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YYN HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YYN&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3QUB3xD0Qz6jpThKTEDNqA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3QUB3xD0Qz6jpThKTEDNqA

Request Chain 365

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YYN HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YYN&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VuvK8I07QdOlK4l4pS4G8Q&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VuvK8I07QdOlK4l4pS4G8Q

Request Chain 367

https://token.rubiconproject.com/token?pid=25470&us_privacy=1YYN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1LVTMxOFktUS00NlBZ&us_privacy=1YYN HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENOzmvlhAsSwK3xEHJolIFo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVTMxOFktUS00NlBZ&google_push=

Request Chain 368

https://token.rubiconproject.com/token?pid=36584&us_privacy=1YYN HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMKU318Y-Q-46PY&us_privacy=1YYN

Request Chain 369

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YYN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDTwo485-GVmHT7TTjt2dBA&google_cver=1

Request Chain 370

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YYN HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZJywN5CEefbhMqOuzEEOTg?csrc=&us_privacy=1YYN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l6PeBKdE2oLsZE8Jf3IgQGsAhgk6jS7oKTsF1A--~A

Request Chain 371

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YYN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDVlZDE2YmEwMWY2YWIzODE1Yzc0NjUxN2I3NDkwYjgwOGE0MjA3Nw&us_privacy=1YYN

375 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html Show response
www.telegraphherald.com/news/tri-state/ 583 KB
141 KB 383ms
166ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

50fbe9616388df1e7a91f703afacdbffeab1ff64df2838ac53527dbf265889a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3054
cache-control: public, max-age=10
content-encoding: gzip
content-length: 142444
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 15:57:29 GMT
etag: W/a0ed64bf25ae8f65a9e6600752db57a1
last-modified: Wed, 13 Sep 2023 06:00:00 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.71.0; app1; 0.41s; 6.7M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 356ms
21ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 70888
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Thu, 14 Sep 2023 03:20:28 GMT
server: cloudflare
etag: 0x8DBB4D18B5A7722
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78ead4e6-f01e-0059-3544-e7be00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b675eb6380f-FRA

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 175ms
61ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 10882575
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe2791fb-FRA
expires: Wed, 26 Jul 2023 07:32:56 GMT

GET
H2 200 user.js Show response
www.telegraphherald.com/shared-content/art/tncms/user/ 3 KB
2 KB 176ms
174ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 15:06:26 GMT
x-vcache: HIT
age: 243
etag: W/"64f9e6f2-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 173ms
60ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 646114
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe2691fb-FRA
expires: Wed, 27 Mar 2024 10:56:11 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 167ms
54ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 14716866
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:17 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137065-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1d91fb-FRA
expires: Thu, 21 Mar 2024 07:31:20 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 139ms
27ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2631839
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1a91fb-FRA
expires: Wed, 14 Aug 2024 19:01:20 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 177ms
65ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7214317
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 18:40:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6495e71c-10fa"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1691fb-FRA
expires: Sat, 22 Jun 2024 19:01:48 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
984 B 169ms
57ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3172617
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23c-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1391fb-FRA
expires: Thu, 25 Jul 2024 10:14:23 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 155ms
45ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1446692
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 20:00:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645d495c-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fdff91fb-FRA
expires: Wed, 15 May 2024 15:01:11 GMT

GET
H2 200 layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 140ms
29ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.c16df073a4f45c16eb2b8a91ceb7b785.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3162159
cross-origin-resource-policy: cross-origin
last-modified: Wed, 26 Jul 2023 20:07:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64c17cf0-26681"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe0791fb-FRA
expires: Wed, 31 Jul 2024 19:01:29 GMT

GET
H2 200 theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 151ms
42ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7502736
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:05:00 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8b0c-a506"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe0a91fb-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 21 KB
4 KB 163ms
53ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 596748
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:16:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa12-5327"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe0e91fb-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 31 KB
3 KB 134ms
24ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9430970
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413709f-7b02"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe0c91fb-FRA
expires: Thu, 21 Mar 2024 07:34:33 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 960 B
521 B 166ms
56ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 646114
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137098-3c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1091fb-FRA
expires: Thu, 21 Mar 2024 06:59:11 GMT

GET
H2 200 flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 1 KB
609 B 158ms
49ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18395914
last-modified: Tue, 10 May 2022 15:15:26 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a818e-4a6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe0f91fb-FRA
expires: Thu, 25 May 2023 06:19:10 GMT

GET
H2 200 access.js Show response
www.telegraphherald.com/shared-content/art/tncms/api/ 87 KB
35 KB 172ms
170ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 14:49:50 GMT
x-vcache: HIT
age: 251
etag: W/"64f8918e-15cd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35387
service-worker-allowed: /

GET
H2 200 bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 26 KB
8 KB 167ms
58ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12136705
cross-origin-resource-policy: cross-origin
last-modified: Thu, 23 Feb 2023 14:47:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63f77c7a-6931"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe2191fb-FRA
expires: Mon, 26 Feb 2024 07:53:36 GMT

GET
H2 200 jquery.mask.84bef41f682a27dac3fd6e812c06365d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 3 KB
1 KB 168ms
59ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 624056
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:47 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e4607-c0b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1e91fb-FRA
expires: Sat, 25 May 2024 08:06:02 GMT

GET
H2 200 tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 10 KB
2 KB 160ms
52ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 596748
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe1f91fb-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 925 B
420 B 156ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 596748
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 18:36:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6467c1ba-39d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe2291fb-FRA
expires: Thu, 23 May 2024 11:08:54 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 533 B
447 B 41ms
35ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 646114
cross-origin-resource-policy: cross-origin
last-modified: Mon, 17 Jul 2023 20:19:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b5a23c-215"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590b91fb-FRA
expires: Thu, 25 Jul 2024 10:08:09 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
867 B 39ms
33ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 48530
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Feb 2023 20:57:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63ee98d2-5bb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590d91fb-FRA
expires: Thu, 22 Feb 2024 12:05:29 GMT

GET
H2 200 tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
843 B 36ms
30ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 646113
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246871-6d3"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590e91fb-FRA
expires: Tue, 02 Apr 2024 18:17:29 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/townnews/ 48 KB
19 KB 139ms
57ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/op.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: XA6dViIncsajw.9xT0BwO90kJFc7NvVx
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:07:02 GMT
x-amz-cf-pop: MXP63-P4
age: 2489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19170
x-amz-meta-git_commit: e09f10f
last-modified: Wed, 13 Sep 2023 15:33:43 GMT
server: AmazonS3
etag: "f6b54ac76ca5c2f94afd76e0d00f9e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: VVSFjgBVUM2lSmG1Op0MSjfKIyoEpTCiTlxoZnfxgBq7D4FRR0mPzw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 410ms
77ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5a8637ad045df67e5f877ca96c133ef97633ddd5eb99f22f27de7f11ec8853d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29356
x-xss-protection: 0
server: cafe
etag: 749 / 19615 / m202309120101 / config-hash: 4208450176701668025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 4 KB
2 KB 39ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12136705
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Apr 2023 14:41:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"643814a3-1151"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68591191fb-FRA
expires: Wed, 17 Apr 2024 20:53:25 GMT

GET
H2 200 tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 3 KB
1 KB 41ms
36ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7501021
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:04:06 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8ad6-d35"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68591491fb-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
277 B 159ms
51ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 10867160
cross-origin-resource-policy: cross-origin
last-modified: Fri, 21 Apr 2023 12:44:18 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64428522-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b65fe2491fb-FRA
expires: Fri, 26 Apr 2024 16:49:52 GMT

GET
H2 200 tracking.js Show response
www.telegraphherald.com/shared-content/art/tncms/ 3 KB
1 KB 175ms
174ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:47:09 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 15:06:26 GMT
x-vcache: HIT
age: 74
etag: W/"64f9e6f2-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 36ms
31ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 39114
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725b684fe8380f-FRA

GET
H2 200 fontawesome.b2419fcc3201a1f4e3293248c643da08.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
97 KB 44ms
39ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.b2419fcc3201a1f4e3293248c643da08.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7502735
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:03:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8acc-430b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68591591fb-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 205ms
64ms Script
text/javascript 3.160.212.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-72.mxp53.r.cloudfront.net

Software

Resource Hash

cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:39:07 GMT
content-encoding: gzip
via: 1.1 469dc5bcdade6fbc3eb82a70fb41aeea.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 557
etag: W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ckD6B60cmcmLAlaVDCNf7DbwsZS15drdfZuRf5uFC1sAs1eHSXCLKQ==

GET
H2 200 tracker.js Show response
www.telegraphherald.com/shared-content/art/stats/common/ 9 KB
3 KB 174ms
173ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegraphherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:44:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 14:02:33 GMT
x-vcache: HIT
age: 251
etag: W/"641b0a79-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 f4444c72-43dc-11eb-b69b-e72b84364643.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 17 KB
18 KB 38ms
33ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/f4444c72-43dc-11eb-b69b-e72b84364643.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 400516
cf-polished: qual=85, origFmt=jpeg, origSize=37309
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="f4444c72-43dc-11eb-b69b-e72b84364643.webp"
content-length: 17692
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Dec 2020 22:36:23 GMT
server: cloudflare
x-vcache: MISS
etag: "5fe12367-91bd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591691fb-FRA
expires: Thu, 05 Sep 2024 19:25:38 GMT

GET
H2 200 9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 4 KB
4 KB 36ms
32ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 622662
cf-polished: qual=85, origFmt=jpeg, origSize=4605
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="9139213c-5b44-11eb-9746-8b8866e9f2ff.webp"
content-length: 3756
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Jan 2021 17:26:01 GMT
server: cloudflare
x-vcache: MISS
etag: "600867a9-11fd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591891fb-FRA
expires: Thu, 15 Aug 2024 17:59:21 GMT

GET
H2 200 84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 8 KB
9 KB 37ms
33ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg?resize=750%2C63

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 183630
cf-polished: qual=85, origFmt=jpeg, origSize=10687
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="84062fc8-a3fe-11ed-9545-938ccd782e2c.webp"
content-length: 8512
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Feb 2023 20:08:25 GMT
server: cloudflare
x-vcache: MISS
etag: "a076aaa44296e3449d9be9ce9c5169e2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591991fb-FRA
expires: Fri, 26 Jul 2024 06:26:15 GMT

GET
H/1.1 200
OK cancellations-js-data.cfm Show response
www.accessdubuque.com/TownNews/data/ 136 B
393 B 739ms
120ms Script
text/html 184.175.83.79
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.accessdubuque.com/TownNews/data/cancellations-js-data.cfm
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS: cf.thmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 179
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK turpin-logo-clean-200x51.png
www.accessdubuque.com/ 11 KB
11 KB 583ms
150ms Image
image/png 184.175.83.79
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.accessdubuque.com/turpin-logo-clean-200x51.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.175.83.79 , United States, ASN7393 (CYBERCON, US),
Reverse DNS: cf.thmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:24 GMT
Last-Modified: Fri, 21 Jan 2022 21:47:32 GMT
Server: Microsoft-IIS/10.0
ETag: "4d5aaf7e10fd81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11462

GET
H2 200 60f1e118a9d82.image.png
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/ 7 KB
7 KB 42ms
38ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/60f1e118a9d82.image.png

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1130552
cf-polished: origFmt=png, origSize=12536
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="60f1e118a9d82.webp"
content-length: 6884
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jul 2021 19:42:16 GMT
server: cloudflare
x-vcache: MISS
etag: "60f1e118-30f8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591a91fb-FRA
expires: Wed, 07 Aug 2024 20:11:21 GMT

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 177 KB
52 KB 445ms
107ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.secondstreetapp.com/Scripts/dist/optin.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Sep 2023 15:34:46 GMT
Server: Microsoft-IIS/10.0
ETag: "02f227ec5e4d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 104
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52552

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/
Redirect Chain

https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403
https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js

7 KB
3 KB

112ms
25ms

Script
application/javascript

108.157.177.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Server: 108.157.177.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-177-7.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:47:46 GMT
x-amz-version-id: R.2AvLLqDMEiBlSkHE87hNbIdl1IN7Po
content-encoding: br
last-modified: Tue, 12 Sep 2023 00:30:31 GMT
server: AmazonS3
via: 1.1 8658ad5cea5eec111b2c1a690caa2eda.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P1
etag: W/"5cc2c452879a57020145e8cdc91535cf"
age: 39
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YISsV7J_kEIRy_JgmhjndNO7aEx1KINTw93m4ceMXvHVPwdiYcJW7w==

Redirect headers

date: Fri, 15 Sep 2023 16:48:24 GMT
via: 1.1 1ebee81f497eb06c92039c3b1faacc38.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.23.0-A/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: lNezIvJtNCgTTqPmuzlRh1jaFOEhEd8nJ8_o03UAnrRcE0VUD14L2w==

GET
H2 200 64528a8d95831.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/ 17 KB
18 KB 40ms
36ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/64528a8d95831.image.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1316555
cf-polished: qual=85, origFmt=jpeg, origSize=29480
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64528a8d95831.webp"
content-length: 17840
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 May 2023 16:23:41 GMT
server: cloudflare
x-vcache: MISS
etag: "64528a8d-7328"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591b91fb-FRA
expires: Sat, 08 Jun 2024 17:41:20 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 163 KB
52 KB 111ms
26ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: 976X3SNCC5YKP1HY
etag: "a9aebf0b520fad8d9f454f7e1ed59efd"
x-amz-server-side-encryption: AES256
x-hw: 1694796504.cds109.lo4.hn,1694796504.cds072.lo4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 52533
x-amz-id-2: F2sgeuH1R++C7v7XnNjOffNMoNdg59dw8gDaEuxvVSfVTnZx3b/l9V+ihE9G1B3nAQqnSoThlBMsIQuK54PQ/w==

GET
H2 200 2765012a-43ae-11eb-b69b-9b615e72b007.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 10 KB
10 KB 35ms
31ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/2765012a-43ae-11eb-b69b-9b615e72b007.jpg?resize=540%2C187

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 396722
cf-polished: qual=85, origFmt=jpeg, origSize=14995
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="2765012a-43ae-11eb-b69b-9b615e72b007.webp"
content-length: 10340
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Dec 2020 17:01:22 GMT
server: cloudflare
x-vcache: MISS
etag: "5ba692d20d23ce7a861173f51ffd3891"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b68591c91fb-FRA
expires: Fri, 06 Sep 2024 10:52:44 GMT

GET
H2 200 tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 8 KB
2 KB 32ms
25ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3257378
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-1e2a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848e591fb-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
880 B 32ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9375922
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137058-832"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848e791fb-FRA
expires: Wed, 27 Mar 2024 12:51:14 GMT

GET
H2 200 tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 3 KB
999 B 33ms
25ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 589439
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-a12"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848e991fb-FRA
expires: Wed, 14 Aug 2024 19:01:34 GMT

GET
H2 200 tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 27 KB
7 KB 33ms
25ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.21ec4dc0d216de4acb895df85cf39bf1.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2631838
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-6c5a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848ea91fb-FRA
expires: Wed, 14 Aug 2024 19:01:34 GMT

GET
H2 200 tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 12 KB
4 KB 33ms
26ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3257378
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2e05"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848f091fb-FRA
expires: Wed, 07 Aug 2024 19:01:42 GMT

GET
H2 200 jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 20 KB
7 KB 34ms
26ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9375922
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246880-512b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848f391fb-FRA
expires: Wed, 03 Apr 2024 07:50:54 GMT

GET
H2 200 additional-methods.54cac72c4ecc4fe6191818374fa8d218.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 15 KB
4 KB 42ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 10882575
last-modified: Thu, 21 Jul 2022 21:06:59 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bff3-3a2f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848f591fb-FRA
expires: Wed, 26 Jul 2023 09:23:05 GMT

GET
H2 200 jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 7 KB
2 KB 35ms
27ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 602049
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 04:31:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645c6fb0-1ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848f691fb-FRA
expires: Wed, 19 Jun 2024 19:01:35 GMT

GET
H2 200 tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 3 KB
767 B 37ms
29ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3257378
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848f891fb-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 4 KB
934 B 35ms
28ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 591596
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-f6a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6848fb91fb-FRA
expires: Wed, 07 Aug 2024 19:01:29 GMT

GET
H2 200 tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 34ms
27ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9833202
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e45f5-9bc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6858fd91fb-FRA
expires: Thu, 23 May 2024 18:01:33 GMT

GET
H2 200 tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 35ms
28ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18479923
last-modified: Thu, 23 Jun 2022 13:40:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b46d3f-9cd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590091fb-FRA
expires: Thu, 06 Jul 2023 19:03:13 GMT

GET
H2 200 tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
715 B 42ms
36ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 602049
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:01 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246879-638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590191fb-FRA
expires: Tue, 02 Apr 2024 19:18:33 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
488 B 36ms
29ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9375922
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137050-3ad"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590391fb-FRA
expires: Thu, 21 Mar 2024 07:18:52 GMT

GET
H2 200 tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 13 KB
5 KB 35ms
28ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ff45cdf30b55b3c7217142a30df13f3d.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1454627
cross-origin-resource-policy: cross-origin
last-modified: Tue, 22 Aug 2023 13:23:07 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64e4b6bb-34c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590491fb-FRA
expires: Wed, 28 Aug 2024 19:01:27 GMT

GET
H2 200 withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 2 KB
1 KB 36ms
30ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 596746
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 13:09:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64959993-9c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590591fb-FRA
expires: Sat, 22 Jun 2024 15:29:47 GMT

GET
H2 200 jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
490 B 38ms
32ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2786979
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Jun 2023 20:55:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"649363d9-591"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590791fb-FRA
expires: Sat, 22 Jun 2024 09:17:07 GMT

GET
H2 200 jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 976 B
547 B 41ms
35ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7234720
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137064-3d0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590891fb-FRA
expires: Thu, 21 Mar 2024 07:18:52 GMT

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
2 KB 40ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12136705
cross-origin-resource-policy: cross-origin
last-modified: Fri, 21 Apr 2023 12:43:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"644284f7-1008"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590991fb-FRA
expires: Fri, 26 Apr 2024 18:36:21 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 36ms
30ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 15628009
last-modified: Thu, 21 Jul 2022 21:06:45 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bfe5-1015"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b68590a91fb-FRA
expires: Thu, 27 Jul 2023 03:32:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
77 KB 359ms
27ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

71f8a4b9e9bcfa836f956ca781c230632f86510b33ae8887042db3ee349c9dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78931
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 62f59fd0-d7e3-438f-9ad5-b01d90539a49.json Show response
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ 5 KB
2 KB 524ms
95ms XHR
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/62f59fd0-d7e3-438f-9ad5-b01d90539a49.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: rOfib6L6hvufFQlsTgH36Q==
content-length: 1707
x-ms-lease-status: unlocked
last-modified: Mon, 26 Sep 2022 04:01:06 GMT
server: cloudflare
etag: 0x8DA9F73BCE27AFD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0eb5f026-e01e-0171-61e1-5aec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b6a3d769b5e-FRA
expires: Sat, 16 Sep 2023 16:48:24 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ 81 KB
31 KB 103ms
99ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0haWUkrccMKLytfsbE00hx6RCaFZ9mAhbbUPuW_bWxOmOvVrN83vyQ==

GET
H2 200 bl-ef0aa10-eb644f7f.js Show response
tagan.adlightning.com/townnews/ 73 KB
30 KB 139ms
135ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-ef0aa10-eb644f7f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:37:40 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: URKQx7fx6_jf5ilRKQVENDhziRpFv7ub
x-amz-cf-pop: MXP63-P4
age: 177045
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30654
x-amz-meta-git_commit: ef0aa10
last-modified: Wed, 13 Sep 2023 15:33:03 GMT
server: AmazonS3
etag: "cf5585934ccd581e98fb184e006c7b11"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mo7oLiYXTWK--yFluOIUq7ysGCc7weu_Bv2QIa4sm0MtwDrFgqsyxA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 90ms
27ms Script
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:59:34 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MXP63-P1
age: 2931
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: WYRDrU1rjIEXoZqbASotaQSzSuXjb-xidox7vkTIpkJR_2mDOTujkg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 365ms
33ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN54BPG

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1cc0575bd745d49db9c22623993c7f06871ee1c0448209faf503609602f4b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48066
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
77 KB 349ms
46ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

88d4f98d1321828d2c59ac968166e5a356ba6e08ded73cad6b38fe5e2bd25260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78974
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 125 KB
35 KB 567ms
103ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time: 2ms
date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 15 Sep 2023 16:36:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 6
accept-ranges: bytes
cf-ray: 80725b6b1a42366f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35338

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 513ms
54ms Script
application/x-javascript 157.240.201.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams4.fbcdn.net

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 16:48:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: 3D1Nd1rYj9JwbWFsr0XDe5RZQg+OckXS/nPpzHJaQrEq1dqPpESyvt524tbcc00jZwMlZII6GDT4YYpVdI9mtw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracker.gif
www.telegraphherald.com/shared-content/art/stats/common/ 0
145 B 89ms
87ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegraphherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=169479650435616001200528678603069&tnms_dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&tnms_upage=1&tnms_do=www.telegraphherald.com&tnms_uri=/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tnms_ref=&rt=1694796504359
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 92 B
261 B 355ms
31ms Script
text/javascript 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4b865cf3629aa782468de4e0c9aa7dbd539d654d90c4779613f11d55a13d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 80725b6b1a559b51-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 e42ec5cd-11f7-4d8a-a91c-74054da9c4cb Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 68ms
15ms Script
application/javascript 18.238.243.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-129.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:12:31 GMT
via: 1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2153
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: iSRdYoUhznbNf1gznAr_9eCYIOs34He7aAQIEwBvJvCutCAb_VW2xA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 598 B
959 B 34ms
33ms XHR
application/json 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: Server /
Resource Hash: 30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:12:10 GMT
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP63-P1
age: 9373
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 598
x-amz-cf-id: rRio8lxac7L-cc89b0ILs6dhrdNeT63d1gxrlDdVD2y4wly7pXC3mQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 212ms
65ms XHR
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 4f2ea10fb219db4bf9fbf41e299c3cbe.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:14:57 GMT
x-amz-cf-pop: MXP63-P1
age: 40483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: KKDslOrqvKqO572C3wK4kIE0PXvJZIVuf2uC-GEenOfPe3B55BSfVA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 138 KB
30 KB 490ms
48ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: XMGCEV55DCNN0JQK
age: 1923
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80725b6c8cb33614-FRA
x-amz-id-2: oNQKL0R5lo+KLSo5W3+bmxpkZmLzQlm3B9Wm3uUuQK18VYTh6VAuLfWghoNc51qeh005v4aCr58=

GET
H2 200 5cd2f43a3f59c700126bad43.js Show response
buttons-config.sharethis.com/js/ 461 B
904 B 948ms
452ms Script
text/javascript 99.86.159.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5cd2f43a3f59c700126bad43.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.159.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-159-40.mxp64.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
via: 1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2019 19:40:11 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
x-amz-server-side-encryption: AES256
etag: "4d059be5eef50cc04a77381344839252"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 461
x-amz-cf-id: o8EMPN5oOcCz-QpZKpV_9serWS3NBudT8xLJQk2uTeh97NEib03wRQ==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
410 B 215ms
73ms XHR
text/plain 3.65.41.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=Federal%20officials%20seek%20public%20comment%20on%20a%20draft%20of%20an%20environmental%20assessment%20for%20a%20controversial%20power%20transmission%20line%20that%20will%20span%20from%20Dubuque%20County%20to%20Dane%20County%2C%20Wis.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.41.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-41-111.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.telegraphherald.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 83 B
330 B 611ms
100ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029b26f8121f14889b98ac012ec687039b9c5f3091e8245490eb8732f805e3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80725b6e5c7b906c-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 337ms
8ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 15:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3844
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 17:44:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
63 KB 19ms
18ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6f3218520fb3b459db9dc11e59edcf65c53625e8df7e82a095d32f06fa83522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64790
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
69 KB 19ms
19ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

30a97e877e58e281f6311f0e2d8d503ad4d4aa36ec36b08776fa9dfc7a45b668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70284
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 408 KB
129 KB 10ms
9ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25876
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131633
x-xss-protection: 0
server: cafe
etag: 12671944107613252425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Sep 2024 09:37:08 GMT

GET
H/1.1 200
OK 2466856 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
2 KB 465ms
110ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.secondstreetapp.com/audience_signup_widgets/2466856?callback=secondStreetOptinWidget_2466856

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-229-45.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:27 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Age: 13
X-Powered-By: ASP.NET
X-SS: 107
Connection: Keep-Alive
Content-Length: 1379
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|d1365cec-3782-466e-b803-b1b36e610d1c|C69601|CD66
Cache-Control: public, max-age=600
Accept-Ranges: bytes
Expires: Fri, 15 Sep 2023 16:58:13 GMT

GET
H2 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.23.0-A/ 667 KB
185 KB 83ms
32ms Script
application/javascript 18.172.153.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.153.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-153-124.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:02 GMT
x-amz-version-id: fXuli0NAL7F_NHrM7ls.O6svOuu_MIo_
content-encoding: br
last-modified: Tue, 12 Sep 2023 00:30:30 GMT
server: AmazonS3
via: 1.1 92a4cde97ae2b38a86c628fd13f8bbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
etag: W/"9b84d321fff5c2136f52d2ca98b7456b"
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VWf2nJegu7v3W5J2jEEUVp8xncY0T4_1GsfcwX5S5H7d4y9CbcVs5w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
63 KB 26ms
25ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

633eaa5a97424418b0e0484f905744c4077492749d7c0c0dd2acc890267068f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64479
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 16:48:24 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 105 KB
28 KB 66ms
15ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: bgcRC1HNK.5R9aS.uVrpg21.Xb0wYGHs
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:46:49 GMT
x-amz-cf-pop: FRA6-C1
age: 99
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Sep 2023 18:58:34 GMT
server: AmazonS3
etag: W/"5924d8466ba0f8d645875cd19b686661"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: E0ckJZiH1VlEh_N_HBmIF6Au9kd85KqkGd8KXvtaWSx3veyjEVHLrQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 507ms
35ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 15 Sep 2023 05:39:43 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 40123
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: f01TwzdnwTrW89RJDG_1vGkZYd_E62kw0SEMXaZbBOB6k8IQvrNWsQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 144ms
79ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: DT5P65FPBPWT4SZE
age: 2841
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80725b6c8cb43614-FRA
x-amz-id-2: V4IMDkxuvzX6e7LToXqNpV6+QpGUPejj/VCiHP67kBAUOTAkihYtGtJ5uOA7MEysgKRbWB4UiuU=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 365ms
23ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Sep 2023 16:48:25 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 69ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:33:05 GMT
content-encoding: gzip
age: 1804520
x-guploader-uploadid: ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 24 Aug 2024 19:33:05 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 108ms
59ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6abf6bf3c64a7011ad688b71cd49b482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 120ms
39ms Script
text/javascript 52.85.242.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.242.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-242-83.arn1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:47:18 GMT
content-encoding: gzip
via: 1.1 9b9ff06545217fe747384bd8b8509aa4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: ARN1-C1
age: 43268
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: x5HH30ypukxWIeTJDbzb01tV2Z6w4GtwYe7S4xO3Ta5hsnObNLCn9w==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 354ms
28ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 29273
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMFehLUDB%2BUOF0LIDoVHhQgj22cXkkDqk2FZzv10LdMm59%2BVmcQepyu6n759Lw8JMMWgA1GWMcSVpHJfZ4q7zCYO%2F2doQPkvhQAnJNi4fnHrVI5XF2gHFM7Mz70YZOsGNxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80725b6e9e9abb9e-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 63ms
21ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 87230
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80725b6d1d2cbbcb-FRA
expires: Mon, 18 Sep 2023 16:48:25 GMT

GET
H2 200 / Show response
www.telegraphherald.com/tncms/access/rules/ 27 KB
4 KB 88ms
88ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/rules/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-TNCMS-Access-Version: 2023-09-05 20:22:45
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 08:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30039
content-length: 3549
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 08:27:45 GMT
x-vcache: HIT
etag: W/cfb60643afaea26fac4441565be53896
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.71.0; app11; 0.23s; 2.2M
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 / Show response
www.telegraphherald.com/tncms/search/recommend/ 52 KB
4 KB 87ms
87ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=grant-county-wis%2Ccassville-wis

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3054
content-length: 3791
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 15:57:30 GMT
x-vcache: HIT
etag: W/c2e15ce94b6373f55b531e65d918a9ea
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app10; 0.27s; 3.3M
cache-control: public, max-age=10
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 27ms
26ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6f4b09010b9b5b4a9f54313fe0c378c8d86bf79e9b4181d4b354dfc9a7d43cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 56ms
10ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=130768
accept-ranges: bytes
content-length: 68444
expires: Sun, 17 Sep 2023 05:07:53 GMT

GET
H2 200 / Show response
www.telegraphherald.com/tncms/search/mlt/ 12 KB
4 KB 88ms
88ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/search/mlt/?origin=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

3663e7471d7fff9b357d199e9cfdd2127aebb6ae050ffa83a23e1f171db5adf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3054
content-length: 3449
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Sep 2023 06:00:00 GMT
x-vcache: HIT
etag: W/918ff78a9a75c3a3da72e9b58e5f7f3c
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app21; 0.05s; 3.2M
cache-control: public, max-age=10
accept-ranges: bytes
x-robots-tag: noarchive

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
859 B 109ms
18ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

GET
H2 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 6 KB
3 KB 46ms
46ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=754
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P2
age: 1050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Sep 2023 09:50:56 GMT
server: cloudflare
etag: W/"e6ad3179582ae74d56c8c6309f582ea6"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 80725b6c8be1366f-FRA
x-amz-cf-id: 2d62k4iba9crZ9GWue0qlfvZG9D2afNpdSTmgpcw-upkRqdbW1aA8g==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 31ms
31ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

859aad130388e06a010aef6544f2388f59645b4ffeeb580665615256884390cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 3 KB
1 KB 29ms
9ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: UnK3Jzx82VjmkmXiPXCq1ZNpqTk7dOLW
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 14:40:02 GMT
x-amz-cf-pop: FRA6-C1
age: 7704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 29 Aug 2023 20:45:09 GMT
server: AmazonS3
etag: W/"bce4f760852ffc7e53a6ecc84f0a6d9b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: q32lhYy2gjWMQe1ZQ4Pu9EB29BFSflUOYm_FXMfzC4eSVUDbztkDWg==

GET
H2 200 / Show response
www.telegraphherald.com/tncms/access/user/ 736 B
993 B 116ms
115ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/user/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TNCMS-Access-User: anonymous
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 395
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.71.0; app13; 0.02s; 1M
cache-control: private, max-age=3600, must-revalidate
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1329857520488846 Show response
connect.facebook.net/signals/config/ 489 KB
134 KB 196ms
195ms Script
application/x-javascript 157.240.201.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1329857520488846?v=2.9.127&r=stable&domain=www.telegraphherald.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams4.fbcdn.net

Software

Resource Hash

ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 16:48:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: cvsfw3jtbLmrfd9UPbf47Nh8aueB0UDSxXG/IOiGhBtBUcDQwHXxiJVywICRf1hs2yEYRrblsZIBe7uP7t0Fqw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 33 KB
12 KB 62ms
26ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 15 Sep 2023 16:30:35 GMT
server: cloudflare
age: 1027
etag: W/"9022b2-856b-605684fe90ed4"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 80725b6dade74d1f-FRA
expires: Fri, 15 Sep 2023 20:48:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 450ms
47ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:41:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 454ms
52ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 346ms
15ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9818001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KNwRbkEXpar4d7Kson%2BjqPyjdA3nTmHxOaOM%2F4M84Yrv9JpzE4u5ILA03RqrySLbnLi%2FDiCqjka0BhYS264No%2ByjmBd1%2FdQ42K8oPhOr3O0sV8sjtbibXv4RfRAlsh%2FuGubbOWQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80725b6fa8465b26-FRA
expires: Wed, 04 Sep 2024 16:48:25 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame B1D7 53 KB
20 KB 344ms
24ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10006476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnRjSahRz40nAX4abKUP0cADcbx2Re6gywnuQ9auOXUWQfgQg4U8KCFn0t6njHDMF1j%2BgufhrcZ1NCUnovpQ2Y3B3UNdjeXBOVQ8dCMrx3v0SiXBnS%2FWKHVNB%2BhMW6dtmznZTjgu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80725b6fa8485b26-FRA
expires: Wed, 04 Sep 2024 16:48:25 GMT

GET
H2 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.5.0/ Frame B1D7 356 KB
114 KB 32ms
32ms Script
application/javascript 18.172.153.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.153.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-153-124.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: uMY2CXxBwlQN5uztKTa9X5zGVYToi.n.
content-encoding: gzip
via: 1.1 92a4cde97ae2b38a86c628fd13f8bbb2.cloudfront.net (CloudFront)
date: Thu, 14 Sep 2023 19:26:39 GMT
last-modified: Tue, 25 Jul 2023 22:19:16 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P5
age: 76907
etag: W/"1d52ceae543e767ce76cb49d8c52ac94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: G8BkvxKk-tFvY5tY_1CHx0Yc_qj12VjG9JYVogIX4x4roCU3Ao7tRw==

GET
H2 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame B1D7 335 KB
60 KB 25ms
24ms Script
application/javascript 18.172.153.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.153.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-153-124.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: gzip
via: 1.1 92a4cde97ae2b38a86c628fd13f8bbb2.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 02:02:46 GMT
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P5
age: 53140
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6dGLIIyOAGcIQtnZuqsZPEF2Xww6Pb8T4HbRgZkpNcKl5TRaiXw27g==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 357 KB
123 KB 426ms
41ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

sffe /

Resource Hash

02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125468
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 56ms
13ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 10:48:58 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 21568
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: JyQUS66Pag3WPiuPp5Yy4bk9jUa1ZxnZV7g2jWqUSZC2OUb8oBOkCg==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
654 B 57ms
14ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:04:08 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 6261
etag: "311cf2edc46e82f2a6911332b7db54e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: fgj79scjsaz_b63SHiHNUpc2xr9ktzK0wuu8XpMVjj4oU-uRigzHqw==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 31ms
14ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 20:37:01 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 72685
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: AzbVDN8sHVEgga3C_N4dNPqRMOOfVr6PueknzGqKBovz-jlhW1Qs6w==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 12ms
11ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:15:49 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 27158
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: Dcl7pqzxBMdiX4lkkY9ePDr853DQ9BOBHiBIIVDRwUkQ85VGoDGPjA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B1D7 249 KB
61 KB 29ms
28ms Script
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:59:34 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MXP63-P1
age: 2932
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: adSHjWEBxjDgTzLVABpsdiHatiN7MfOvNtwyDiRX9g3toJOjxIqb_w==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 422ms
128ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=492445&version=7.23.0-A&age=230915&cmd=PRE_INIT&key=dtKKcuXb&seq=1&order=1&vIndex=0&absoluteTime=1744.5&relativeTime=0.2&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 data_read.php Show response
embed.sendtonews.com/player4/ 34 KB
6 KB 143ms
142ms Fetch
text/html 18.172.153.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=B2_wfQgnfwIDfn9h&instance=492445&version=7.23.0-A&age=230915&ESG_key=dtKKcuXb&type=FULL&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.153.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-153-124.lhr50.r.cloudfront.net
Software: Apache /
Resource Hash: 41cecaa038154ac137aec8f90bb941a0dc641e6a661c0aebbb330b0213e23229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
via: 1.1 92a4cde97ae2b38a86c628fd13f8bbb2.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: LHR50-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 5707
x-amz-cf-id: Ws4MUXclKRCXUFbdmpD0yzC_rLhNYf6yNuOP0N52O5hj5IsAiTalig==
expires: Fri, 15 Sep 2023 16:48:26 GMT

GET
H2 200 650217314748a.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/4/b7/4b71b763-05ea-5d87-9e93-16b3dfad15f9/ 9 KB
9 KB 111ms
110ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/4/b7/4b71b763-05ea-5d87-9e93-16b3dfad15f9/650217314748a.image.jpg?resize=200%2C133

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12bf21c79afd1b745b995feab05907b5a6dd4c6e0c6bf081e6a062fd7159874f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=9009, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Sep 2023 20:10:30 GMT
server: cloudflare
x-vcache: MISS
etag: "95ac0ea2274017c03953370d6412bbd9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6dbe9e91fb-FRA
expires: Fri, 13 Sep 2024 00:48:12 GMT

GET
H2 200 64f6443e86149.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/b/7b/b7b05890-5c91-5827-9dc8-db083b9b5f04/ 11 KB
11 KB 127ms
127ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/b/7b/b7b05890-5c91-5827-9dc8-db083b9b5f04/64f6443e86149.image.jpg?resize=200%2C281

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

949707c119839bdedeeeb963c8badded3ad424efac94952ebdf30b85236708b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=11190, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 11006
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Sep 2023 20:55:28 GMT
server: cloudflare
x-vcache: MISS
etag: "b1a0c1bed2b1a547d2e2eeb26bba7891"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b6dbe9f91fb-FRA
expires: Tue, 03 Sep 2024 21:45:23 GMT

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 16ms
15ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 350ms
16ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=221444608&_gaz=1&cid=1541614084.1694796505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796505&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.canonical_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ep.content_type=article&ep.canonical_content_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.content_publish_date=2023-09-13T01%3A00%3A00-05%3A00&ep.content_group=%2Fnews&ep.townnews_crm_group_id=216&ep.generator=BLOX&ep.generator_version=1.71.0&ep.content_author_id=7c1716e6-b03f-11ec-b276-c312f26f2490&ep.content_author_eh=2ef1bfd93cef32b5a8ee3f22846ac721a2a5f2187b77c965c1e27e2dd4ad5bc2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 369ms
22ms Ping
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1541614084.1694796505&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 375ms
47ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1541614084.1694796505&gtm=45je39d0&aip=1&z=1900979279

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 650217314748a.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/4/b7/4b71b763-05ea-5d87-9e93-16b3dfad15f9/ 23 KB
23 KB 126ms
125ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/4/b7/4b71b763-05ea-5d87-9e93-16b3dfad15f9/650217314748a.image.jpg?crop=1763%2C992%2C0%2C92&resize=400%2C225&order=crop%2Cresize

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e9e2a54730b14b0b1428035793a435b80908dff97d12041475db03626b050b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=23736, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Sep 2023 20:10:30 GMT
server: cloudflare
x-vcache: MISS
etag: "ef289f37513502c9d6248e1abaa04278"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 80725b6ecfbb91fb-FRA
expires: Fri, 13 Sep 2024 06:29:14 GMT

GET
H2 200 64f6443e86149.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/b/7b/b7b05890-5c91-5827-9dc8-db083b9b5f04/ 4 KB
5 KB 127ms
127ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/b/7b/b7b05890-5c91-5827-9dc8-db083b9b5f04/64f6443e86149.image.jpg?crop=332%2C189%2C0%2C139&resize=200%2C114&order=crop%2Cresize

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866258ed4fb10a76634dc36a39641c59f865581add83d5816c5461a2a06f5d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=5291
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64f6443e86149.webp"
content-length: 4518
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Sep 2023 20:55:28 GMT
server: cloudflare
x-vcache: MISS
etag: "749c10e3bff9d4a2841617334b32d162"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 80725b6ecfbc91fb-FRA
expires: Wed, 04 Sep 2024 07:47:31 GMT

GET
H2 200 764f46ed0012a3900512.js Show response
sdk.mrf.io/statics/ 45 KB
11 KB 55ms
55ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MUC50-P1
age: 1049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Sep 2023 09:50:56 GMT
server: cloudflare
etag: W/"ef3afb0961b22b67b10ea1548e874ec0"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 80725b6ede8d366f-FRA
x-amz-cf-id: Wn7weJSe5p0ifRasBFOVZjFlSzhqH1QGATBWsfA4r87aIhgxM3yxSg==

POST
H2 200 / Show response
www.telegraphherald.com/tncms/access/meter/ 418 B
788 B 113ms
112ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/meter/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

6124aae08ac375883ddc4cfe0b6502e6855da0d6f8213003aae315fa749a0e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 258
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app1; 0.01s; 0.9M
cache-control: private, no-cache, no-store, max-age=0
vary: X-IPCountry, Accept-Encoding
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
410 B 44ms
13ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

6348e8233c5667225c0983e99a6dd951d0b1691700dcc68ca0ff5db3e6647a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 9ms
9ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id: _H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5757289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 00:08:20 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: QC1QW3467sb_ezq5ck1-lXB7K4NMescMF1P_vlZjRZqnwnMFkI420w==

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
332 B 157ms
34ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
445 B 400ms
59ms XHR
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 241ms
17ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1KSYYTLTZT&gtm=45je39d0&_p=221444608&_gaz=1&cid=1541614084.1694796505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&sid=1694796505&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.item_id=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&ep.author=Telegraph%20Herald&ep.published_time=2023-09-13T06%3A00%3A00Z&ep.cms_product=BLOX&ep.cms_version=1.71.0&ep.content_group=%2Fnews&ep.content_type=article
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 260ms
23ms Ping
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1KSYYTLTZT&cid=1541614084.1694796505&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1KSYYTLTZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 265ms
47ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1KSYYTLTZT&cid=1541614084.1694796505&gtm=45je39d0&aip=1&z=1402567729

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/ 376 KB
90 KB 28ms
27ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 229oLfugqvtMNLM3e0uPaA==
age: 41672
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 91423
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:30 GMT
server: cloudflare
etag: 0x8DAAB422B1E6529
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9d360d5a-501e-00e4-32e1-5acbec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b6fa95c380f-FRA

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
340 B 114ms
31ms XHR
application/json 52.209.147.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0ab8ad22c008c1739653ca8c35b9e0e3074e70e09f73716466a0d981a6352255

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache
x-server: 10.45.29.5
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
173 B 794ms
177ms XHR
application/json 50.16.31.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.telegraphherald.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.31.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-31-29.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
396 B 125ms
39ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 83d284fd936c9436c0cb859f6122a2dbd49e32b6482608e8f7b55560d6419780

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 15 Oct 2023 16:48:25 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
357 B 166ms
53ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ 276 B
694 B 32ms
11ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

175cc2540ec2a4d8c4c883c174a65020447d152c96220b0347f1ec6c56ac308e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ Frame F66B 2 KB
519 B 84ms
52ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:48:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DF45 15 KB
6 KB 510ms
54ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:48:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 285212
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B1D7 6 KB
3 KB 51ms
51ms XHR
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 4f2ea10fb219db4bf9fbf41e299c3cbe.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 16:14:57 GMT
x-amz-cf-pop: MXP63-P1
age: 40484
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: l16ixCpXcY31T7sdCRk_Ww4OkuHtHB-J6xiUYPChMCxOFpm-_Gx-IQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 345ms
9ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1329857520488846&ev=PageView&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&rl=&if=false&ts=1694796505607&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694796505605.2054226001&cs_est=true&it=1694796505139&coo=false&rqm=GET

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 15 Sep 2023 16:48:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame B1D7 537 B
810 B 16ms
16ms Script
application/javascript 18.238.243.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-129.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:34:54 GMT
via: 1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 811
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: H2XHC4ek0x-r_D4Xt3TTnpROGdgz0xfVlv15m29dkOgnFt6OdReMgA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B1D7 1 KB
1 KB 40ms
40ms XHR
application/json 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: Server /
Resource Hash: 7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:45:40 GMT
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP63-P1
age: 3764
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1110
x-amz-cf-id: w1rogI_ggTXXQd0nP7V4S-Md4Lyr5d19qUbeKFE77Sh88HFgEvCSFg==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 136ms
136ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&cmd=GET&key=dtKKcuXb&c_id=13403&seq=1&order=2&vIndex=0&absoluteTime=2160.6&relativeTime=416.3&canonical=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ 5 KB
2 KB 259ms
57ms Script
application/javascript 108.138.189.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-25.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02

Request headers

Referer: https://embed.sendtonews.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: UQ7kWi2taw0bordMiyKDP_I_ByXqD8Mm
content-encoding: br
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront), 1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 03:43:37 GMT
x-amz-cf-pop: FRA56-P7, MXP64-P1
age: 47094
x-cache: Hit from cloudfront
last-modified: Thu, 07 Sep 2023 23:03:22 GMT
server: AmazonS3
etag: W/"25b745fa0d93d47bf009a28d8bcdf8d6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: jEKZL9upr4s8_eAUN-YxGPknykH8szAFhxsnKs4GITb-YtBCvNQlFw==

GET
H2 200 cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 28 KB
28 KB 39ms
16ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28378
last-modified: Fri, 15 Sep 2023 04:50:05 GMT
server: AmazonS3
etag: "1be2c645ae824059733921f72445310a"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: H6XU007zjetbsTlrQSYegJ0GZYYpV3QTJu9TYQXmaw2gr2RxchbAEQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 138ms
137ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&cmd=RTP&key=dtKKcuXb&c_id=13403&seq=1&order=3&vIndex=0&absoluteTime=2163.6&relativeTime=419.3&sC_ID=4711&sm_id=3000503&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL&DS=found
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 340ms
10ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:21:06 GMT
x-content-type-options: nosniff
age: 80840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:21:06 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 330ms
16ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 33190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 07:35:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 283ms
30ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 15 Sep 2023 16:48:26 GMT

POST
H2 200 rfv.php Show response
compassdata.mrf.io/ 27 B
479 B 77ms
19ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://compassdata.mrf.io/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8H1ykm11ksIFuxlq

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B1D7 54 KB
17 KB 61ms
16ms Script
application/javascript 2.20.217.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.217.188 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-217-188.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 15 Sep 2023 17:03:25 GMT

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ Frame B1D7 24 KB
8 KB 22ms
22ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:36 GMT
server: cloudflare
age: 87229
etag: W/"64cd45ac-60bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80725b70eb55bbcb-FRA
expires: Mon, 18 Sep 2023 16:48:25 GMT

GET cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B1D7 0
0

GET cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 0
0

GET cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B1D7 0
0

GET cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 0
0

GET cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B1D7 0
0

GET
H2 200 cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 28 KB
28 KB 24ms
24ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28378
last-modified: Fri, 15 Sep 2023 04:50:05 GMT
server: AmazonS3
etag: "1be2c645ae824059733921f72445310a"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: LVxq_G2iyQiHXOOqw3uHunXCwp_QaaIgjG8ZzD71izoaG1P2piOckg==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 10ms
9ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 14056669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: iBNoZtsz4GgFfmibqiFASOaOl_cGGxD2RyHDk_7F4dpehYJGJATSGw==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/ 54 KB
12 KB 84ms
83ms Fetch
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ea56b807-a9bd-4840-a986-27a00bc3b66e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 52951
content-md5: 7kDwGG0M5FVG2rnvsURDLg==
content-length: 11585
x-ms-lease-status: unlocked
last-modified: Mon, 26 Sep 2022 04:01:12 GMT
server: cloudflare
etag: 0x8DA9F73C02BF97B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5272b98b-001e-0030-21b8-a582cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b712f209b5e-FRA
expires: Sat, 16 Sep 2023 16:48:25 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 54 B
320 B 265ms
76ms Fetch
application/json 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=273646

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-2-182.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 54

GET sync
trends.revcontent.com/ 0
0

GET
H2 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4D48 722 KB
232 KB 276ms
275ms Document
text/html 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:36:14 GMT
expires: Fri, 13 Sep 2024 17:36:14 GMT
last-modified: Wed, 13 Sep 2023 16:17:11 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 630ms
121ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 16:48:26 GMT

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
868 B 12ms
12ms XHR
application/x-mpegurl 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/0n08o08on1s95660r3072825o1nq9p2nplaylist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42579
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Fri, 15 Sep 2023 04:51:24 GMT
server: AmazonS3
etag: "7efdd61158e4e6c637db35b61a6eface"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: OlN0DlcAl0Z1-hnV3yB-XlKb4Yg9pZngqtgo93dpGtua1Cv-itMiSQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 145ms
144ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&cmd=IMA&key=dtKKcuXb&c_id=13403&seq=1&order=4&vIndex=0&absoluteTime=2351.6&relativeTime=607.3&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&recoveryMethod=NONE&imaVersion=3.589.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D873 40 KB
14 KB 12ms
11ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 15 Sep 2023 17:22:16 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 2 KB
2 KB 391ms
42ms Fetch
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C55274853%2Ftelegraphherald-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=3000503&us_privacy=false&cust_params=sessionKey%3D214492445-B2_wfQgnfwIDfn9h%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dsmall%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D7%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3Dfalse%26keywchk%3Dok

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0dd308451bee19575d3290900c85b33f8efbff5775de1515ffdfcc93553f0c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1019
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 44ms
17ms Fetch
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
374 B 368ms
19ms XHR
application/json 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 324 B
901 B 12ms
12ms XHR
application/x-mpegurl 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:48 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 324
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "e0caac5bdf0e177c69940dfe9e392727"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 2cutsPViwNx7oyQi0a0CEEnlzu9nLTu97C1Fopj6A_LVfneCVwVkzA==

GET
H2 200 ospro135q92r5ns5o7n8s680582q8074base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 694 B
1 KB 11ms
10ms TextTrack
text/vtt 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ospro135q92r5ns5o7n8s680582q8074base.en.vtt
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87

Request headers

Referer: https://www.telegraphherald.com/
Origin: https://www.telegraphherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:47 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42579
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 694
last-modified: Fri, 15 Sep 2023 04:52:23 GMT
server: AmazonS3
etag: "7d32e8fcc30cb98840564a94dbbb840b"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: zOHXOSWICHL9WJikxWG_P-T2JxHPTalk_5ZeQV3RTNYX8n_BAwkmXQ==

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 417 KB
419 KB 13ms
12ms XHR
video/mp2t 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0n08o08on1s95660r3072825o1nq9p2n-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:49 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 427512
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "e618e031f607c5e5223ac92eac7e0b19"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: efYMHDYRvWPO09YWdShZHFBeTZowIzocOy2qBgJEgfLQp2m0fkcuTg==

GET envelope
lexicon.33across.com/v1/ Frame B1D7 0
0

GET
H2 200 / Show response
www.telegraphherald.com/tncms/dmp/segment_audiences/ 80 B
525 B 402ms
402ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=1cdf4e00-3f74-4d7c-95e3-e0327e5978f4

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature: geoip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 85
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 16:48:25 GMT
x-vcache: MISS
etag: W/669232951a0fdd7f7260cd7d7ff5df73
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app20; 0.31s; 1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 / Show response
www.telegraphherald.com/tncms/dmp/segment_audiences/ 80 B
524 B 403ms
402ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=1cdf4e00-3f74-4d7c-95e3-e0327e5978f4

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
X-Requested-Feature: geoip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 85
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Sep 2023 16:48:25 GMT
x-vcache: HIT
etag: W/669232951a0fdd7f7260cd7d7ff5df73
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app20; 0.31s; 1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 9 KB
3 KB 109ms
108ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Nv59uF4L5Erbm99maFPLHA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2612
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:22 GMT
server: cloudflare
etag: 0x8DAAB42260C012D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0e8bf8bc-d01e-00b1-49f5-5a209b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b7208539b5e-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/ 63 KB
14 KB 64ms
64ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrbBPvSp/nr/pc7Rs9pb+g==
age: 9374
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14053
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:23 GMT
server: cloudflare
etag: 0x8DAAB42272E5DAC
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 228c93c2-701e-0130-73c6-c0c499000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b7208579b5e-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 5 KB
2 KB 67ms
67ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: chhUbr1lo8VfhnCyj4C/QQ==
age: 9374
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:23 GMT
server: cloudflare
etag: 0x8DAAB4226B08D84
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 802faa02-f01e-016e-58e1-5a379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b7208599b5e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 22 KB
5 KB 88ms
88ms Fetch
text/css 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
x-ms-lease-status: unlocked
last-modified: Tue, 11 Oct 2022 04:36:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f5573a8-001e-00d5-7de1-5a903b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725b72085a9b5e-FRA

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
180 B 657ms
216ms Fetch
application/json 34.223.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-74-168.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 0n08o08on1s95660r3072825o1nq9p2n.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 326 B
903 B 11ms
11ms XHR
application/x-mpegurl 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0n08o08on1s95660r3072825o1nq9p2n.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 04:58:50 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42576
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 326
last-modified: Fri, 15 Sep 2023 04:51:32 GMT
server: AmazonS3
etag: "dacaae32767109092a002ecaffbfcb25"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: GPiTzAgOehdrm16au9_MTtQq2k5FDLs1B4k_xumKH0Vc4Edb_6_WyQ==

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 16ms
15ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:25 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 204 api-errors
yeet.revcontent.com/yeet/events/ 0
0 35ms
34ms Fetch 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

OPTIONS
H2 200 api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 140ms
35ms Preflight 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.telegraphherald.com
content-length: 0
date: Fri, 15 Sep 2023 16:48:26 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/ 209 KB
65 KB 9ms
9ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65996
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 20:30:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Sep 2024 16:42:35 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 telegraph-herald-horizontal-masthead.jpg
cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/ 43 KB
43 KB 41ms
40ms Image
image/jpeg 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/94c60bf3-3eae-413b-b590-8270e0fb8490/477ec75b-8127-4b20-a42e-9f01cab7d0bd/227d63ca-b0a4-4b6f-a3c9-2293cdd5a658/telegraph-herald-horizontal-masthead.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9v2G71U22mhDtZ9aJ9vQDQ==
age: 18723
content-length: 43668
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 12 Aug 2022 19:22:29 GMT
server: cloudflare
etag: 0x8DA7C97FF5221F9
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 6fa687f4-d01e-00f5-2ff5-5afcf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80725b72fda9380f-FRA

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 30ms
29ms Image
image/svg+xml 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 82744
x-ms-lease-status: unlocked
last-modified: Tue, 12 Sep 2023 06:30:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bee69039-701e-0025-29c3-e590ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80725b72fdae380f-FRA

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame DF45 443 B
567 B 52ms
52ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=telegraphherald.com&sn=ChromeSyncframe&so=0&topUrl=www.telegraphherald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5d7009e670cd9d02c099149b89663d102d1e4ef22d661ac0d85a28ace6c5d780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2320138
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 28 KB
15 KB 131ms
131ms Fetch
application/json 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=273646&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&icr_url=&va=0&user_uuid=undefined&time=1694796506137&up=pc&bn=chrome&bv=117&widget_width=1306&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-2-182.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

9ace690dc67b01e40a5cbccb6f2948cd1af206c0273cf259a4c31715d45f1d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61

POST
H2 200 / Show response
www.facebook.com/tr/ Frame BB4E 0
78 B 9ms
9ms Document
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.telegraphherald.com
Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.telegraphherald.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:48:26 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 18ms
16ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=221444608&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCACAAI~&jid=2002879009&gjid=1468457815&cid=1541614084.1694796505&tid=UA-54716522-7&_gid=585155872.1694796506&_slc=1&gtm=45He39d0n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=4802ccae-4e6f-11ee-a910-f3fbe99ea3ee&cm1=404&z=714095830

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 21ms
21ms XHR
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1541614084.1694796505&jid=2002879009&gjid=1468457815&_gid=585155872.1694796506&_u=YCDAgUABAAQCAGAAI~&z=1512624885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 15 Sep 2023 16:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 16ms
15ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=221444608&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABAAQCAGAAIAB~&jid=1677670796&gjid=901947987&cid=1541614084.1694796505&tid=UA-1002501-1&_gid=585155872.1694796506&_r=1&_slc=1&gtm=45He39d0n71PDQV3N&z=714497627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 99ms
16ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.telegraphherald.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 15 Sep 2023 16:48:26 GMT

POST
H2 204 hb Show response
hb.undertone.com/ Frame B1D7 0
524 B 301ms
213ms XHR
text/plain 108.138.199.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3590&domain=telegraphherald.com&ccpa=1YYN
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.199.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-199-63.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
via: 1.1 e4a3689d7c24fed4b0731b7a6a3b65fe.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: MXP64-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.telegraphherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-amz-cf-id: IgKj2n9unUTWh09lDXQBGaPvkAaa1_Gp6GH0dI8Q401jqwWf3CiQ1Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame B1D7 19 B
549 B 69ms
11ms XHR
application/json 18.195.246.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&tmax=3000&us_privacy=1YYN

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.195.246.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-246-49.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
accept-ch: sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status: 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame B1D7 184 B
482 B 299ms
41ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f09d2dd80be1f71530c872e2af69548c999924bb300f8b2bb0d416354d42d396

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.129.0
Content-Type: application/json
access-control-allow-origin: https://www.telegraphherald.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B1D7 0
119 B 72ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame B1D7 0
171 B 195ms
82ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.telegraphherald.com
pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame B1D7 139 B
710 B 1137ms
42ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ef19548345bd5acaadbc0b60bf299c0696e5f3c9706495818cf5532470711fce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:27 GMT
an-x-request-uuid: 696b6bff-ad81-42de-815b-2772a5d2afc7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.89; 176.115.237.89; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame B1D7 37 B
558 B 181ms
139ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b953780d2801d207ae094b2a6bbee94399af2043eb8e473a6c89fdbb87a06ccd

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEkOSWZNP%2BhkbnWquoIw3QDlzB9HaAVXz9x5t7SLL%2FGPFLyRGRL%2FqD2RHK1MWokyumzJuvzC9LHLSQP3bdg7GaySQuM2NkVr7GH2%2Bn0kHhRmPGWglzZcf41SjvOMCVSxaIP4PX%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80725b749c6c39d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame B1D7 23 B
470 B 110ms
50ms XHR
text/javascript 108.156.28.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.28.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-28-96.lhr50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 890956aa1c00640d3d3a57403fa234d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR50-P1
x-amz-rid: NXKQKBHQ7QNHFYFM6REH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Q3wD4x64j-g_rD-PTS9ge5PkOV8JiYWR6jHrxdd2g4VNtUHEdO-Suw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 29ms
29ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7f72abe30ee329d2267b4d235447ff3c2898132237ba8e0c6e18f5b1a8978b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 16:48:26 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 39ms
38ms Fetch 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-2-182.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
790 B 81ms
81ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:49:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:48:26 GMT

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
8 KB 28ms
28ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: 74QM3429G9NE16P3
etag: "36936ca54bdfacb78b91268c99a7c8a0"
x-amz-server-side-encryption: AES256
x-hw: 1694796506.cds109.lo4.hn,1694796506.cds220.lo4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 8353
x-amz-id-2: fPrSoNs7YI17ux4WWRzC/mqLrQkcx4IvAS0j304kHoKF0kAhzNa+lUWxjFDLEyZveN9nzQGYFWA=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
7 KB 30ms
30ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:37 GMT
server: AmazonS3
x-amz-request-id: GCQPYDQVTAGC5MTQ
etag: "ac82eecb05f5ff2b22ce8c6902242989"
x-amz-server-side-encryption: AES256
x-hw: 1694796506.cds109.lo4.hn,1694796506.cds238.lo4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6452
x-amz-id-2: x/I5atXIYLX485rVjh2WFhsc6VeKJ3Wg1p6U12ik3Jd2tNmvHL+CAZmvAkxObal9AHYbH4Uwn5w=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 36ms
36ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 18:58:36 GMT
server: AmazonS3
x-amz-request-id: 74QKS5J7WP8PANR4
etag: "7916ca1cce66f75b7ad11bb917bc1cfb"
x-amz-server-side-encryption: AES256
x-hw: 1694796506.cds109.lo4.hn,1694796506.cds103.lo4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1666
x-amz-id-2: Pdc5Ix6zRMlvewf0kQaZ2M6oKN4WxkiKF0ybjXGPddSzWiQgXn7yzzP1Eq+IqLDRG2Zx5IBhDJE=

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 229ms
56ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1694796506.cds248.lo4.hn,1694796506.cds087.lo4.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

POST
H2 200 / Show response
www.telegraphherald.com/tncms/access/meter/ 418 B
789 B 113ms
112ms Fetch
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegraphherald.com/tncms/access/meter/

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

39b00afc50e6cf61ad42574c148855b12530cd34c4f7a5765d91e4e5d94fa270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 259
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
x-tncms: 1.71.0; app9; 0.01s; 0.9M
cache-control: private, no-cache, no-store, max-age=0
vary: X-IPCountry, Accept-Encoding
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 11ms
11ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=221444608&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dp=%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=access%20first%20view&ev=1&_u=aCDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=1541614084.1694796505&tid=UA-1002501-1&_gid=585155872.1694796506&gtm=45He39d0n71PDQV3N&z=1515078830

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3116
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
509 B 51ms
51ms XHR
text/javascript 108.156.28.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&pid=2dpjoJukrRzpc&cb=0&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22sd%22%3A%22tnt-smart-ad-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009963%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-554570%22%2C%22s%22%3A%5B%22960x60%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009946%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009948%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-1009951%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-559358%22%2C%22s%22%3A%5B%22500x500%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.28.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-28-96.lhr50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 890956aa1c00640d3d3a57403fa234d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR50-P1
x-amz-rid: C0AG5DF3NCS98BPEVA7M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: bfiK1yaC7NN6f8tX5gwTW-_UkDyKLsb21PCpNL62Hu74wTTy0MNR6g==

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 2 KB
2 KB 119ms
26ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
etag: "1685634237"
x-hw: 1694796506.cds266.lo4.hn,1694796506.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=46
accept-ranges: bytes
content-length: 2091

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 349 KB
53 KB 542ms
541ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=126581214661874&correlator=3225692274344910&eid=31077365%2C31077697%2C31077900%2C31068366&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C300x250%7C2x1%2C1x1%2C960x60%2C300x250%2C300x250%2C300x250%7C300x600%2C500x500&fluid=height%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&didk=3056683171~3106112522~2002308561~3106112711~3106112709~3106112553~1954143341&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694796506432&lmt=1694577600&adxs=321%2C800%2C120%2C1180%2C1180%2C1180%2C150&adys=854%2C56%2C127%2C734%2C1004%2C1274%2C3173&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=930x1%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&msz=930x0%7C1600x1%7C1360x60%7C300x250%7C300x250%7C300x250%7C1310x500&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=930%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1541614084.1694796505&ga_sid=1694796506&ga_hid=221444608&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiMv_nNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiLv_nNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMnE-c2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GIy_-c2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGMnE-c2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiMv_nNqTFIAFICCGQSFwoIcnRiaG91c2UYhcL5zakxSABSAghqEhQKBW9wZW54GJzB-c2pMUgAUgIIbw..&dlt=1694796503871&idt=1075&prev_scp=pos%3Dfixed_automatic_ad%2Cfixed_automatic_ad1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%2CTHFlex-Footer-Anchor-Ad%2Cimpact-sticky-anchor%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Homepage-Slider%2CATF%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-two%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-three%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Sticky-Note%2CATF%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=3578395192%2C1863230483%2C3697841261%2C2240819703%2C2240819705%2C2988551167%2C1850785976&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f9d8875c6c82fc0adee6bdb05aeadcda161b2736b33a730bc0034bf4877036f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53962
x-xss-protection: 0
google-lineitem-id: 6381360436,-2,-2,6373692197,6377804824,6361719787,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138447071527,-2,-2,138444937542,138446418757,138443371780,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D1B4 6 KB
3 KB 393ms
17ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:48:26 GMT
expires: Sat, 14 Sep 2024 16:48:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10634912.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/181384/ 7 KB
8 KB 130ms
27ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/181384/10634912.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

d98b03ac0c492d064f025a3071c62dc2cc700810479f0d70f4e40ff5d64f02b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 21:08:31 GMT
server: Cloudinary
etag: "dbc645caeb80f2392af0c97f8eff0f6f"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds267.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=116;cpu=1;start=2023-09-07T21:40:56.070Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,owidth=426,oheight=240,obytes=11060",cloudinary;dur=36;start=2023-09-07T21:40:56.105Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 7452

GET
H2 200 61bc300dd86842bf1fb68f400aa0f3ae.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 125ms
27ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/61bc300dd86842bf1fb68f400aa0f3ae.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 16 Jul 2023 17:11:02 GMT
server: Cloudinary
etag: "2d168921a26c01586b2ad02e06ddb28b"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds305.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=101;cpu=0;start=2023-07-16T17:13:04.424Z;desc=miss,rtt;dur=0,cloudinary;dur=14;start=2023-07-16T17:13:04.468Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 10435

GET
H2 200 94d1efb1f7e2078e9149772769ad9c38.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 128ms
33ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/94d1efb1f7e2078e9149772769ad9c38.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

3b4434a3d73ceb29679d423243d4a9bc611bef2798347d3a8245257a400799f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 15:27:35 GMT
server: Cloudinary
etag: "14c596841141b833833077f67f107ca1"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds009.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=134;cpu=1;start=2023-07-11T12:00:39.080Z;desc=miss,rtt;dur=0,cloudinary;dur=53;start=2023-07-11T12:00:39.120Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 11387

GET
H2 200 d4c2127d01806666d8103b4420d4992f.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 14 KB
14 KB 149ms
61ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/d4c2127d01806666d8103b4420d4992f.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

75a0730c134ecd15420801c19ff32782d9f4f98ff16fcf8de33467c2ce3f2f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 15:27:00 GMT
server: Cloudinary
etag: "1f28dc8f04773ada029f4261f4203701"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds223.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=3;cpu=1;start=2023-06-08T15:28:24.329Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 14444

GET
H2 200 724bc6c840ab6ccdd53eb2af835959f4.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
18 KB 128ms
41ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/724bc6c840ab6ccdd53eb2af835959f4.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

72d1bebed6bdd58b3e10eb56bc062975a68b86e703266974228b2f2c31c0f1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=457;start=2023-08-31T00:48:06.780Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,owidth=1680,oheight=1260,obytes=1229523;";cloudinary;dur=52;start=2023-08-31T00:48:07.068Z
content-length: 17657
last-modified: Thu, 08 Jun 2023 15:27:02 GMT
server: cloudflare
etag: "85ecba602442089e499a1a297bc74c5d"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds256.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7ff1441a5ab94177-LHR
timing-allow-origin: *

GET
H2 200 54df58c804111b077b87cb154de6656c.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 128ms
40ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/54df58c804111b077b87cb154de6656c.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

90d7ddb12d6b58867d1a7d87b765d74c4d3c16ce6974bb9b2c9989c6bf189861

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 16 Jul 2023 16:41:36 GMT
server: Cloudinary
etag: "193605a121e03e8d9ba6f9a185fcd605"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds248.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=96;cpu=1;start=2023-07-16T16:44:05.361Z;desc=miss,rtt;dur=0,cloudinary;dur=15;start=2023-07-16T16:44:05.401Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9210

GET
H2 200 1944e3890dd35b5406683aa4776a7e76.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 51ms
50ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1944e3890dd35b5406683aa4776a7e76.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=141;start=2023-07-20T22:14:25.546Z;desc=miss,rtt;dur=1;cloudinary;dur=16;start=2023-07-20T22:14:25.617Z
content-length: 17613
last-modified: Thu, 20 Jul 2023 22:12:19 GMT
server: cloudflare
etag: "3f7625d41d49463ebd62718360e82c41"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds249.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7e9e8e99ac7c23e4-LHR
timing-allow-origin: *

GET
H2 200 aac355d2f9a91d181fd5429c48fa06dd.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 62ms
61ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/aac355d2f9a91d181fd5429c48fa06dd.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=140;start=2023-06-08T15:41:17.889Z;desc=miss,rtt;dur=1;cloudinary;dur=44;start=2023-06-08T15:41:17.949Z
content-length: 17638
last-modified: Thu, 08 Jun 2023 15:28:07 GMT
server: cloudflare
etag: "58aa9c2ea6c87926a16df41d7751af4f"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds316.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7d423cfac8797515-LHR
timing-allow-origin: *

GET
H2 200 646e42a24a57c8-25266498.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 65ms
65ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/646e42a24a57c8-25266498.jpg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-fastly;mitm=po;dur=290;cpu=0;start=2023-07-13T08:16:59.321Z;desc=miss,rtt;dur=0,cloudinary;dur=206;start=2023-07-13T08:16:59.363Z,cld-id;desc=ec5b6150cb679583bf05875b9ef3b263
content-length: 14948
x-request-id: ec5b6150cb679583bf05875b9ef3b263
last-modified: Thu, 25 May 2023 00:40:50 GMT
server: Cloudinary
etag: "c6d4c3b9c4bd6160625ebbae65dd0fd6"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds298.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c8162845e6860df4bb56954b5fec837b.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 68ms
68ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/c8162845e6860df4bb56954b5fec837b.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=447;start=2023-09-13T08:53:09.568Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,bytes=18289,owidth=474,oheight=367,obytes=34799;";cloudinary;dur=15;start=2023-09-13T08:53:09.882Z
content-length: 18289
last-modified: Wed, 13 Sep 2023 08:45:43 GMT
server: cloudflare
etag: "925cf6ff9b785264dbcc314f969e6e31"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds109.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 805f287ecb2471c8-LHR
timing-allow-origin: *

GET
H2 200 80f3a132b2a9502092a4625be5613017.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 20 KB
20 KB 69ms
68ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/80f3a132b2a9502092a4625be5613017.jpeg

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=140;start=2023-09-13T08:53:09.570Z;desc=miss,rtt;dur=1,content-info;desc="width=420,height=315,bytes=20407,owidth=1024,oheight=682,obytes=124365;";cloudinary;dur=16;start=2023-09-13T08:53:09.633Z
content-length: 20407
last-modified: Wed, 13 Sep 2023 08:45:34 GMT
server: cloudflare
etag: "20ac84a6117b8893a0d43a611bcf70da"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds323.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 805f287ecbf971e4-LHR
timing-allow-origin: *

GET
H2 200 9e95fb25a6941c30a7b49a5fb815b158.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
10 KB 73ms
72ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/9e95fb25a6941c30a7b49a5fb815b158.png

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 08:45:48 GMT
server: Cloudinary
etag: "40c0b74e883ad9355a5dca555a7af26e"
x-hw: 1694796506.cds034.lo4.hn,1694796506.cds088.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=101;cpu=1;start=2023-09-13T08:53:10.425Z;desc=miss,rtt;dur=0,content-info;desc="width=420,height=315,bytes=9703,owidth=867,oheight=648,obytes=588644",cloudinary;dur=16;start=2023-09-13T08:53:10.470Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9703

GET
H2 206 10634912.mp4
media.revcontent.com/cr_videos/181384/ 66 KB
0 115ms
26ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/181384/10634912.mp4
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
x-amz-version-id: K1Y7AlTyONnQHLKXWqcJnjHNL8_wEwM5
last-modified: Thu, 07 Sep 2023 11:01:21 GMT
server: AmazonS3
x-amz-request-id: 07187Q5QQ49QSQR8
etag: "5f2e41e33021abdd4d0aba59ee3c35a1"
x-amz-server-side-encryption: AES256
x-hw: 1694796506.cds249.lo4.hn,1694796506.cds301.lo4.c
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-342680/342681
cache-control: max-age=3600
accept-ranges: bytes
Content-Length: 342681
x-amz-id-2: WPGZ6TNML6LslIjzxNAC6EoHKxQV6TKNIWM/0Ss/4rfBLYkYI/uMcG1ba0A2nQptSUCcGuYoWt4=

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 35ms
34ms Preflight 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.telegraphherald.com
content-length: 0
date: Fri, 15 Sep 2023 16:48:26 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 34ms
34ms Preflight 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.telegraphherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.telegraphherald.com
content-length: 0
date: Fri, 15 Sep 2023 16:48:26 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 34ms
34ms Fetch 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 37ms
36ms Fetch 34.241.2.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.2.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-2-182.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.telegraphherald.com
date: Fri, 15 Sep 2023 16:48:26 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 396ms
63ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a1e3f3b50a2a88fcc561ea1dbebc36fe2c976581389b1fbf0952d8889ed35858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12030
x-xss-protection: 0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
787 B 16ms
15ms Ping
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 22ms
21ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 recirculation.php Show response
events.newsroom.bi/ 12 B
724 B 28ms
27ms XHR
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:26 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 5F4D 81 KB
31 KB 59ms
59ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ro7zBYtpdZo7TwsfzjcuSqoLzQUXZcVOV6WB_S3hnen0Lu-GeZZXqQ==

GET
H2 200 17967651262382493954
tpc.googlesyndication.com/simgad/ Frame 5F4D 49 KB
49 KB 366ms
16ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17967651262382493954

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

589749731f4b75a4303d26b1e17dee3ad4685a12123a13255a8c6debd33b7fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 08:56:49 GMT
x-content-type-options: nosniff
age: 28298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49748
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 21:55:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 08:56:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 5F4D 23 KB
9 KB 360ms
10ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 5F4D 3 KB
1 KB 361ms
12ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F4D 182 KB
57 KB 371ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:27 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 4A96 81 KB
31 KB 47ms
47ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RWIUd_hcfvBdzepjAQ2GEysoenM7i0gu4b47v67fBZGX581T7tX70Q==

GET
H2 200 4159524897651612409
tpc.googlesyndication.com/simgad/ Frame 4A96 131 KB
131 KB 283ms
22ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4159524897651612409

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:43:50 GMT
x-content-type-options: nosniff
age: 335077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133742
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 21:50:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 19:43:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 4A96 23 KB
9 KB 274ms
14ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 4A96 3 KB
1 KB 274ms
14ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A96 182 KB
57 KB 314ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:27 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 1992 81 KB
31 KB 51ms
50ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JyLT6IFG1srU93kuDolbqXV5AX9h0un5CUWLlEt7jxX6JyzMym4ypQ==

GET
H2 200 17619229133571204497
tpc.googlesyndication.com/simgad/ Frame 1992 24 KB
24 KB 66ms
66ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17619229133571204497

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

7047164794eabb4ef86b71eafcad7b03c9e1aadbb2ee1010335e0912780320e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24558
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 19:48:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 16:48:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 1992 23 KB
9 KB 40ms
39ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 1992 3 KB
1 KB 40ms
40ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1992 182 KB
57 KB 219ms
45ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:27 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame E14F 81 KB
31 KB 70ms
70ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cESgqrIIl6z5v3mi8zKd3EKoQLR3_h5eSBZNv96f_aS1-PCYFB8WTw==

GET
H2 200 14679568334586638181
tpc.googlesyndication.com/simgad/ Frame E14F 26 KB
26 KB 42ms
41ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14679568334586638181

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:02:53 GMT
x-content-type-options: nosniff
age: 312334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26247
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 21:34:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 02:02:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame E14F 23 KB
9 KB 41ms
40ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E14F 3 KB
1 KB 41ms
40ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E14F 182 KB
57 KB 132ms
46ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:27 GMT

GET
H2 200 container.html Show response
3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B9F 6 KB
3 KB 12ms
11ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:48:26 GMT
expires: Sat, 14 Sep 2024 16:48:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
54ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:48:27 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 136ms
135ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&ldt=BIDS&key=dtKKcuXb&c_id=13403&seq=1&order=5&vIndex=0&absoluteTime=4190.4&relativeTime=2446.1&sm_id=3000503&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4711&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.undertone.time=304.4&prebid.bidders.triplelift.time=82.3&prebid.bidders.rubicon.time=303.8&prebid.bidders.pubmatic.time=79.9&prebid.bidders.unruly.time=296.5&prebid.bidders.appnexus.time=1389.3&prebid.bidders.ix.time=224&prebid.start=2790.6&prebid.time=1399&prebid.timeout=3000&adIndex=-1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
469 B 51ms
51ms XHR
text/javascript 108.156.28.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.28.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-28-96.lhr50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 890956aa1c00640d3d3a57403fa234d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR50-P1
x-amz-rid: 69A2HF4CR3E83RH8HXE9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ob44FQwfZJV8L6OVvSFUrbFwb91OVvUWAirXIwAztw9bw5q1jDGwZg==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F4D 0
0 47ms
46ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGB7hAKXKRwVWVQirZyoiz2xA6mGLjDP6sG7p2z9hDSFWAFCRcyroHT-ojAYHKgnLqYJyN9AV-939ojwQRusg7x8JlfrZqnSZJlqgxm3W7GOmJLVK9qjwa5oh_LAAYI6oEVwuMFRKaIezEDUk4deSWSpRJX-H5MlABavObNhcQyN2CXlH9VO9HqSyfXICIJ1o3rIat28O0yxojAs-x2NV9POFG2d3LsfKksdU8NN_K2q5YTrx41pvyQAoAfimxIE1pa_CrlQ9p8mRAeaFBIHy7BPkeF0fmMzrzKUsdY2X3EhtdBzDJl98JnlGw3giRBHdyf-7NUIMr1URhu1IxdxOS8FxXv9q917tGRpNaHvxMB0Kq7ACTZkw&sai=AMfl-YTT3LIzYOYD4-2iyah0XFL2XwWzaZJeSiyMo3219vxv3XxrKz889AZTwxUoPhkRHdBlQmppT0BoXEJr4XeTyyQMfbVBEFRfbzoDsf-X1RQa1ODXiPWCf707C0yafAUjG0iZzf6r3Z30xdn3DfU&sig=Cg0ArKJSzP_hLyCB-qhtEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:27 GMT

GET
DATA 200
OK truncated
/ Frame 5F4D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba17fd09032a40f1560ed2f3e82a3e587208b5c3d7d4bb290be556ec9dfe25b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A96 0
0 473ms
472ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhgqb7r9hejNJagMPh7Eyud0GG9CThzPs-6aSq-THGW6DQVlA45O9gTc_H6R7HY0uj598lZm6xzV7NhEdMkoZFYOxYolDItR6gqbVI9DFUaiHPqB6SPL4Y9xqfiP52tNMyvo0v9h9oEhWz9U-qyefmZlQUwcvzcU85BnroKpxPCs306BrO6QnVteIJ4YRvEbu76gj_Opvj-J6Lizc_x1vtDP0__HU64G_bD_KtKlsZQEvS5VmALAwqrRzC2nwm95pAv_GiKQ3TixEKIfKag4WRf32cn2OoQzwv_QkYD66CvAeVEFlmBtas3aZHlTWhM1DX6IuRqpHH_XeDHhidhinJEsg8YPhRncsjcxS4G020C0UMexPGHlo&sai=AMfl-YQE43p37fU1yOrs-slGu3OhFN75OD85u27fxkTVUHMacuJ8_YJTpKhonExX2-ic9IaFFHFBLwb2vO7dN-MtnKUeo0ILmdelA-Am0seTUtNJpc4ohpgAhSQ9_IZvy5NP8Tk60czplAKnS6cexMs&sig=Cg0ArKJSzOQmJaZussMCEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4A96 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee9e8c68485f6334a60c758a03334f4b943623c777be24aa58b42429fcb565d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1992 0
0 336ms
336ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseGLGFMjBLajNS_qDPSCskvQFql6iW4EpqGDBQmf5qLzr4z18TM7bsnaj3xUh7q8anz-S_IIetd1t6UD91PKYTFgvBgfJVol8TRqMQeHMTbrHZqF8BABd7JhnAmqM6a3bjOyh634kvBNR1S7KwCH40cVCGWyPljjc01RDroDPtSsdG8f77YwFkALGkpIQRuun6UIe4BSLOv1jvhsZHO70xuFn8_iS9_GO8MR_VDGfahqsPruY0F8u3_k3SsA07acc6IgMJE-4RZCbEYWHio1FBWBglcGrjjkGX5uhuTqmFxPCFU-A5tSyHYnwazYXJ9ZxR_MDv9dlYzrSoe_kn5vrJ_9ogrP2tUtLwqUfOfGDdNCJPGNdTvT4&sai=AMfl-YQH34altvQN1wDjkQQZ8CsvKK1unsmTFU9aSw67Fw5UdNFaTuJ2eykRmbfKnq8rty-_27mUtONLftfM8FhFdNKKDWmqs3HHtB_RWSx9XXryiNzvKKEqnhs8xKjRcT5B-oxH_a4yMrMus0TQWoA&sig=Cg0ArKJSzKRG12EDXkkAEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1992 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d116056b634cc079be08b15db6c5b9170cce422c939726aa39e629d2dddc73d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E14F 0
0 191ms
191ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3wDGoXEH1eVhSCi6_mvoC9Eg8P-N_HKNI_Rh0nDOoHasomUakJotUn43aUDdRqE0sWJScl-PUwTKBp1SRv2t03Sa7BUNktaUQNa91difqF0Y0hSqhRhWRraBuyjazW59c0-XqrO_aLh7ei-bF328rUCh-f0PcEegLFaw9n0sJNmkBhoWvlMZd9ZJqFtIFycIwggJi_KGfTI1_nUv9gZ4H5rPzyf6gvqDnPZob4DEg_AjERgUo3e3YK1Vy275xrwaxd9-Lrsb2yxlI42FCanmELltt0MnZFCw2hAgzJlwlClwdn08vtSy089Wlngs30aZyEExwPMSAi_cclu2LVvEp7gwMgzlBfAZzKNk64ofRZLczDRAsT0Y&sai=AMfl-YS-UIt0LN0yzDmYdVTT7fwNdCneuAFWWblmjT4ihovhvz67CkZl1u8TriSiFH9Ldbc83PLMWACP-gHcUqQJ_PI8LhNN9e4elN1qCUDMoLkzckGA_ziRfOozXYnd8GQwHPqnnARp3GFgfqh-Bd0&sig=Cg0ArKJSzNBO-BPe2PEtEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E14F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71cdf373da799dc5fa4cb4f31dc6146449a049692ab75e893531944c82c36373

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bl-ef0aa10-eb644f7f.js Show response
tagan.adlightning.com/townnews/ Frame 8B9F 73 KB
30 KB 235ms
235ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-ef0aa10-eb644f7f.js
Requested by: Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:37:40 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: URKQx7fx6_jf5ilRKQVENDhziRpFv7ub
x-amz-cf-pop: MXP63-P4
age: 177049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30654
x-amz-meta-git_commit: ef0aa10
last-modified: Wed, 13 Sep 2023 15:33:03 GMT
server: AmazonS3
etag: "cf5585934ccd581e98fb184e006c7b11"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1rmV2yNZxDNAFTHGcRoECjSnjeZWVkifZMntLH6ueyyShYIkBO2MHQ==

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 8B9F 81 KB
31 KB 280ms
279ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UVDdkKtoqKzOYsq5833oAX99Uf9kGCKPiXb3GqWCGdEvzVmE-N0vkg==

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 8B9F 9 KB
4 KB 342ms
11ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 09:10:18 GMT

GET
H2 200 67d9e921b5f32e3b1de66b84352f195e.js Show response
www.gstatic.com/mysidia/ Frame 8B9F 142 KB
52 KB 343ms
13ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67d9e921b5f32e3b1de66b84352f195e.js?tag=video_mra/web_raspberry_ms

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0bbb877b10c6b6a071b0eb507bbf5ed6dcf6ad2702cb430686ef963eb997580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53568
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 19:23:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B9F 21 KB
1 KB 195ms
194ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:00:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:48:28 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 8B9F 110 KB
32 KB 431ms
28ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 16:48:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "526f779e48dbd5da"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 16:48:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8B9F 2 KB
975 B 19ms
19ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 8B9F 23 KB
9 KB 10ms
9ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8B9F 3 KB
1 KB 11ms
10ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8B9F 20 KB
8 KB 160ms
160ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:29:58 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 8B9F 36 KB
15 KB 10ms
9ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:03:41 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 395ms
394ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=126581214661874&correlator=1277540436974512&eid=31077365%2C31077697%2C31077900%2C31068366&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=8&didk=3106113153&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D299c925244f13701%3AT%3D1694796506%3ART%3D1694796506%3AS%3DALNI_MZKt-3udH3lUWhwuwdVqI3dJLcz-Q&gpic=UID%3D00000c7622a63337%3AT%3D1694796506%3ART%3D1694796506%3AS%3DALNI_MZAqtw8tdqbDxcPRN_1ZPHx14dCyA&abxe=1&dt=1694796508323&lmt=1694577600&adxs=1180&adys=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsk3suJbulhPCld4-UXtK-A8IUB7DYffCSQzfAr0HcGM_YTlKsEq7fIx1EJdFjcGUex5HociW8RHSVg7eLas2tqQn61W3vpr%2CAOrYGsn7veNQ5vL94Vot1SNebtdy-lG2gh_kMT5BwuaHSPMjRvGqccaSFbSP1GhAVsYf_0fTwhIjeZgpolaI_jDnZAyiTl_4QlJ_%2CAOrYGsnNLfHIkHhaDV1DFrmoDx701ITxxdGBVKLfI3QH9cCaIXRWvTYrfGmY_ykQ568Sp34N8Cddog3BQNNDKzcxdoFzW-m0gvwb%2CAOrYGsk1CG93dUruBd1GGQBQlb4AN0S1i_M8Fg2Y6Q4FsS-eY9H5dBiB0x4LshUcy2u2_VPX2CHDq8IqyEM8he42xoPcNjPt-I9M&ga_vid=1541614084.1694796505&ga_sid=1694796506&ga_hid=221444608&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiMv_nNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiLv_nNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMnE-c2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GIy_-c2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGMnE-c2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiMv_nNqTFIAFICCGQSFwoIcnRiaG91c2UYhcL5zakxSABSAghqEhQKBW9wZW54GJzB-c2pMUgAUgIIbw..&dlt=1694796503871&idt=1075&prev_scp=pos%3Dsticky-side-rail%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3D4802ccae-4e6f-11ee-a910-f3fbe99ea3ee%26k%3Dgrant-county-wis%252Ccassville-wis%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous&adks=2196492607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

82c6ab8263236632fff5b7a8ddb50041c22dd7694ef5d583faed34e484aaaed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23997
x-xss-protection: 0
google-lineitem-id: 6186000154
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431169595
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4D48 45 KB
8 KB 703ms
301ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Ftelegraphherald-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214492445-B2_wfQgnfwIDfn9h%26schain%3Dstnvideo.com%2CSTN_0004186%26content%3D4711%26placementType%3DPremium%26embed%3DdtKKcuXb%26domain%3Dtelegraphherald.com%26player_size%3Dlarge%26player_width%3D930%26player_height%3D523%26player_type%3Dfull%26version%3D7.23.0-A%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D0%26excl_cat%3Dstl_id00014%26rand%3D12%26uhr%3D18%26iris_id%3Diris_b2771a5f53336ec9%26iris_context%3Dic_5619313%2Cic_3332335%2Cic_9233810%2Cic_0858141%2Cic_3003652%2Cic_1295502%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_2407074%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_3890383%2Cic_8555203%26us_privacy%3D1YYN%26keywchk%3Dok&url=https%3A%2F%2Fwww.telegraphherald.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1YYN&hl=en&cmsid=2631244&vconp=2&video_doc_id=3000503&vpa=auto&vpmute=1&cnc=55274853&kfa=0&tfcd=0&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=C46A56DA-E0E6-4D37-A3B2-979EBE316635&a3p=EhsKDDMzYWNyb3NzLmNvbRiMv_nNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiLv_nNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMnE-c2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GIy_-c2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGMnE-c2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiMv_nNqTFIAFICCGQSFwoIcnRiaG91c2UYhcL5zakxSABSAghqEhQKBW9wZW54GJzB-c2pMUgAUgIIbw..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797965%2C44800470&top=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&loc=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dlt=1694796503871&idt=2359&dt=1694796508337&cookie=ID%3D299c925244f13701%3AT%3D1694796506%3ART%3D1694796506%3AS%3DALNI_MZKt-3udH3lUWhwuwdVqI3dJLcz-Q&gpic=UID%3D00000c7622a63337%3AT%3D1694796506%3ART%3D1694796506%3AS%3DALNI_MZAqtw8tdqbDxcPRN_1ZPHx14dCyA&correlator=458296897918853&scor=1272659680486652&ged=timeout

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a14b740347514174b708ced6cc32d93df8b221477bcb8e596a56fbc996194c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8010
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A96 0
0 123ms
122ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYqk8Vn4mNPpU2D_aTAmOQRmZobzk-gLKgUbjL8-CXukI178sQZOMBSSkbSthgkcNFYzSwk05PVuNiq_op_SD1Ze09IX1jWAImSnKWXJ9-5_or_oRs97S_z52JzOAByGTgWQpCbx56HE4lWHrQ3kf18VQHtr2K1nb5KF42UOF--AdQ_lIV9yEzemGR09gQfm3n99TZbFSmzDwqp6Bz_uAWtUJ0lhlPa3zPd_cmMsDTlYg0srljgEbIPthrj3Vz87A5DvfB7Gj935aSjoa88AbqFxgW8pYCj83zGywVc3EH1mGn3lBEgjw3gOu9r8ky_TkLG1-L148S1uoFOypXPoI0aCnUVuGCTxbJoUyynQrOTIWubT1t-77j_g&sai=AMfl-YQzsxAa2kQ8zGBZ_Rw2WfOkHAoVJL4O1vyMUGhpaJX22xJJf_6F9Utf9Z8LUVRRcNDOCmZUiUli7jVnZ79j-qQz9zjfHuO0VeKApzW2wXw9LxLw_LWM4VBEG3qqfHsUsIWAND0VxpvyS3GjdHM&sig=Cg0ArKJSzEuR_5dV-nuEEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F4D 0
0 103ms
102ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0w36YiFCOR0Xpfhle0-Uw7V8BojlZdQQl2Xrn1vDU3jZdu_PjRcRSt8PnlQeXIhWXHduXKhQJiXeWZW7u85brHstrBP-JqkGqU590WPQAwqA_oEU8yalxHgdLpGWESYCGfLMSV7eLdemwtYNur-8-cMnHmbJwZZxus4L_OCz7q02yiR4Ljb15KNNe4f1dxCAAIARFE396KL1ninanQtzvyokxke1_ZMAD33aRVawi6qHIWwi7OwibPxaTYdxNIEK7huKb0FSTlPH6J1Lf_U1QoaWzbFuJLktVFIDl6K13rpRFFeuv6IZ986gFAGS3GzuH_j32YpmoO1nIBwKjh9Pd4g8mT2GWE_c1p4IAnlEraW2q8PAL1ix1tw&sai=AMfl-YTM1V-kL3vAf_fk9cuptnvZCThQtKBQ5AqFKx3k09y9muYewqaTay3wmlV-UxS55-rHswhPoZ1VTpAslFGdGWUnkAVVWqHRKgG8cNR5dc6UFDXZCmXHasJORdKLWyyp2317VgABS2U0LDaXmdo&sig=Cg0ArKJSzJJwacqqcZEiEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1992 0
0 79ms
79ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ6WUd5fobMd_WD0YIrtq6r-u8safdyhyMOWNallXoDkvUua4LsRQILkdg2wnpG74QMIEhN45TcJ5r8EvzcXgdlxCy5kcY0Ut7Nmx8x_W4CrffZvCQiADBcs140LthIY6StGD5Ah0mQ8IiodMzOI9mFRDVtxCI-FS7pWOdk_hvpWKH_mYNXpwdjK2EDuckakVoeRuU0x9TFkEe33lI09z16nGV5KEjnlcSyVQjm5liQbRtOJBNwN5TnnOdqBwF7o6xi8T5AN8A2JI8G9JxU-S2hfAndmjymhr3_m5Y3O2-LCfPqdYIJuQ0AggqW8JAemxWjSOapdvkhTq_6zSHBMOGLJOOKhEckI9XQH1805CfmGowGR4qh33_vA&sai=AMfl-YTL8MWjno18vFQzGUbP4-gBCm9dmiXzjtQCxbjVrRmhcFMtIYuny2JplunOzXYGhPjmVc-Cpmwn-tR-iaCkI_GFENj9tpyfpEhnYl8N7KKQxVgWchfRlSUDmXaGqR-XQZ9R5bwiHlOo14HXweA&sig=Cg0ArKJSzA3vFLiK16EHEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E14F 0
0 61ms
60ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSOMXRKtzQHiapJJBGcUQKBnFpG9_5cSVPlzK6Y-2y_8iKs3nWzvl9D68GjbWjyukwhDQG17YlNURK5sFJwE5JE5ykv_AO4ybE24uX8Blb2Nvn8gOA6pyC4rE6YJVebbmXGvhAcac4f1oJM9rZNFBAQV2hxEhHUC7UbUb9e1awnkXMTXG7YWj9p3aMdh2gvzq9lYZlREzfq3coIFJdeAnQj5QlrwH1hu4RmKgLMah7X5zM18P2XapQhM_wrljcjR-j915SCGjTZ532xpyoBsif2N4CHI2zelpfJfmU9ujdP0BbvuD4tp2h4xHNBYpXroqptKzU9WjnzYL_0wKJRpY5M1fuvS-VMF-iXfiBgBrC24WuWNZ4L8BSbQ&sai=AMfl-YSkyEBTU9DA4hLVivINkpXRZ53QVab4TENQsvBU9I5uenBT4uvOxye_bxAFYQF4w4lmza94euydIq7hL_zi18hBnPRJLQj22l20qaBJkCNflVEIdWAxfw6cH-sdRqLamXdPz-SO6ai46_jTyFw&sig=Cg0ArKJSzFg3URMSw-DJEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 350D 13 KB
5 KB 24ms
23ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:23:30 GMT
expires: Sat, 14 Sep 2024 15:23:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0192 829 B
1 KB 352ms
23ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

1cf9bd27d7d28a116c0c9f21e939dded96c4d0e8417c67c1deca041378db21f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uOiX4CIilHftYk2YUXkGnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-uOiX4CIilHftYk2YUXkGnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:48:28 GMT
expires: Fri, 15 Sep 2023 16:48:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 350D 37 KB
15 KB 27ms
26ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H2 200 b-e09f10f-34756dc3.js Show response
tagan.adlightning.com/townnews/ Frame 0510 81 KB
31 KB 29ms
29ms Script
application/javascript 108.156.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-3.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 07:16:44 GMT
content-encoding: gzip
via: 1.1 595b5bc75f9607fd025370f043f817c2.cloudfront.net (CloudFront)
x-amz-version-id: vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop: MXP63-P4
age: 3835905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30930
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:34 GMT
server: AmazonS3
etag: "bd7974ac83b1adc649e5e24a01f74b12"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RCR08STR2CnYvm63cphhVishpZvEq7dVqfIAHIIHk_4NlU5R1la44g==

GET
H2 200 6586040974430877014
tpc.googlesyndication.com/simgad/ Frame 0510 35 KB
35 KB 17ms
15ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6586040974430877014

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:14:10 GMT
x-content-type-options: nosniff
age: 304458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35769
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 16:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 04:14:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 0510 23 KB
9 KB 11ms
9ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0510 3 KB
1 KB 11ms
10ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 15:23:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0510 0
0 17ms
16ms Image
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw_4mk7a4_D1ihn3FMvDWptoFtEPm9kTF7ZPXDLENX0Nk7d2TE8khK8utMBmcv487pJbYw
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0510 182 KB
57 KB 22ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:48:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8B9F 0
54 B 371ms
31ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmku2zom&c=1138639531647&slotId=569319765823.5&qqid=CLrh8_2IrYEDFWaW_QcdXBoNXQ&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/67d9e921b5f32e3b1de66b84352f195e.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3750564941785490450/ Frame 8B9F 2 KB
2 KB 11ms
10ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3750564941785490450/14763004658117789537?w=100&h=100

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

4f9957eeadbfde6ae44641d8d31c1ac89c347426bc02b4a6b03100c2e76e0554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 08:07:29 GMT
x-content-type-options: nosniff
age: 31259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1884
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:58:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 08:07:29 GMT

GET
DATA 200
OK truncated
/ Frame 8B9F 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18048368465396328993/ Frame 8B9F 184 KB
184 KB 13ms
12ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18048368465396328993/14763004658117789537

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

10d01d46df72e3d570ac99162113615d68fc823381fd319aa61e136fb255829d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 08:53:05 GMT
x-content-type-options: nosniff
age: 374124
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188216
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 10:52:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 08:53:05 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 350D 0
41 B 38ms
38ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ut2VYQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0510 0
0 49ms
49ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGsXZbbgYfGEuYng03qeG5PIUhyz_TyeCNzH3bnyU7TqXdF26RoJ4RxoWY1Po_NELCYeqWGhjaq97EJ2jlD299eKCqkHKfp-Xie_wpEdiYJ2zQkdbXmicNFcNZA2LEXQ70u3H1Kdk5L-r-y5KWbOiSRpjyaWArv2ayRjc5_FxLyv_zbXHQ-reaAKbce2lEt0sbOQL3RimJ24JemZ1TSl5nvGx57T_mBtqZbxEJbXv9CXo79lk-rKJWQtrWhPLXIdt-zoW7FWEP5UPMbaHbT2Zgx5lzTBozk_OAUxMi_JQ54Dp4n6e1MJOPYBD3vh5AqPdWJr4vsjrssqpziyA-aa4U7QYd_m-on6PRSBY4qgzjPTKqH9bvT7g&sai=AMfl-YRMNErLxTsLT7Pdqvqkn9x0A4vO-JHvvDg4wiLE8d1lzLqVgez_gghvX6eJY5p4-heKmLiG4Y3BTMLOSNrSeIvUwO9ck-jY57wwrL4hpABMKJIc3Ml_5H4gQWl4jA&sig=Cg0ArKJSzA1wtFQbygc0EAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0510 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b0f4997b2773213ec1a214c972a996a8e62b6aa24633a0ed4c9cc1f3613c50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-4g5edndd.googlevideo.com/ Frame 8B9F 1 MB
1 MB 544ms
177ms Media
video/mp4 172.217.133.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndd.googlevideo.com/videoplayback?expire=1694825306&ei=2ooEZb_1Nd3Bx_AP1o-qkAY&ip=176.115.237.89&id=a71faddae2dd7233&itag=18&source=youtube&requiressl=yes&mh=16&mm=31&mn=sn-4g5edndd&ms=au&mv=m&mvi=2&pl=22&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=14.784&lmt=1679701549510738&mt=1694796131&txp=4430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgDTcuy3d1OWvYrDBK1rhaj9GOiXjR1aLLV2hzJQFL2jwCIQD0lEsCPB03OFqZkww8g7fYP6kplSBiX9gMBn6Gu5ul2g==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHRMIGB4QDc9JgLuEAQVTiv7RB4yhi4uYSX_B8a7Bs6UCIEXvNeafrcXOsryETHGmTkk66Q4cHXtppTpFf4XSeYQw&cpn=X7NLan76LFoR2L-x

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.133.167 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s66-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

a19ac37c1c0f4c355f2cafaada2424ee1d901d7c79cb9d54cf8760f0c21a1ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 15 Sep 2023 16:48:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Mar 2023 23:45:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1088140/1088141
Cache-Control: private, max-age=28497
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1088141
Expires: Fri, 15 Sep 2023 16:48:29 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4D48 0
234 B 147ms
31ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmku2xjv&c=6314144949563&slotId=3157072474781.5&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8B9F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 984b54f3d2d37cacbde9efbb1648d9614ff074d41de453b3303ef3e70a3986a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8B9F
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CQyvp2ooEZbqMIOas9u8P3LS06AXyyt3Ib4G7zJuRCmQQASDViZMWYJUCoAHuzPb3A8gBCakCUuqVUizgsT7gAgCoAwHIAwqqBIkDT9AsPwVO5npiJpKzFzIGI2nBTPEmKs6iI5NDVPb0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210172506089370299557%22,%22debug_reporting%22:true,%22destination%22:%22https://lapstore.de%22,%22event_report_window%22:%...

0
0

95ms
51ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210172506089370299557%22,%22debug_reporting%22:true,%22destination%22:%22https://lapstore.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%221056810606%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226773068196818508193%22}&andc=true

Requested by

Host: 3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
URL: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10172506089370299557","debug_reporting":true,"destination":"https://lapstore.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["1056810606"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6773068196818508193"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10172506089370299557","debug_reporting":true,"destination":"https://lapstore.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["1056810606"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6773068196818508193"}&andc=true
access-control-allow-origin: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 46ms
45ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CQyvp2ooEZbqMIOas9u8P3LS06AXyyt3Ib4G7zJuRCmQQASDViZMWYJUCoAHuzPb3A8gBCakCUuqVUizgsT7gAgCoAwHIAwqqBIkDT9AsPwVO5npiJpKzFzIGI2nBTPEmKs6iI5NDVPb0CRuGSqoG4ckNIS8FSWseoM3bME5r-LDS7ed-AZbr4RCILUb2L5_3CFAT24ETmF7VrWThAFw6cdT_DBGd6MzZxWE_QFf3ahNOe0uujTRBcZxQRbL3h2rG5AedPZgv0lU2m3SJeFq-q29sD7EscQlS1cT6sQ2wmaKksNbooaTVlKhEiKmvh3oP42eaR_XdRiZswx69VzZotAD1UuqkNms9YQ9Lb31OQ0XPySeZfckGfe0wCLc25FS4d89SdR5p1tEkyHRhU7BKpzULMXti4Xce_8ofvFiyWKJ6McWslILnKcUV6LQDEMIeaKoYqVqbPejm2lw2DdUXnFDcz34y413mc-O4wEOmiu1OC0uTVihRQlkVy2No48p7vZtPQCmqUY1mInRyeMbzTfnMfYNe8w6k7xaucoTBmw9M7l1J9q6wfaRMIqEwaeTakuuUt0AEHed6XmIdjFlvmGNjNk_O02pdbx1A3kgFux_lyiEMwATdqa68oALgBAGIBZLOnJAYkgUECAQYAZIFBAgFGASgBi6AB_qyiQioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCoogzSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi05NzUxODk0NjQwMjY2MTA2mgkwaHR0cHM6Ly93d3cubGFwc3RvcmUuZGUvP3RhZz1kaXNwbGF5JnRhZz1ncmV0YXJngAoDyAsBuBOcG9gTDYgUCtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjQ3OTE5NDA4MTMyMzIyGLzOGQ&sigh=r6mUnlHpQj4&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWXBMMgqBXuklXwoN9hMpW-qtnXcJi9JyPAhv3zM7Vm2cdNPy-lx6dtqrKvzVeTnvPitOoSFW2hR5_K-ylm7AhKU-Cxp2nyBgB&template_id=3484&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:48:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0192 0
0 109ms
109ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=126581214661874&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0510 0
0 49ms
49ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFYrTN881iMshSZF9KgYdhavmlXU0erwn0LYBhL0upcxtnsV_LfIkwhCjaT9ORSTkgaTzSG_YoOekQXUwq7JgT5NnB2BLOc_iP6s6QA_5Y0m2SoxbHZdfpWOO4r6myWBY3lj6B4NY8S95wirqcWYpNcHcGCjj5otmbWEOmm9TCxG_-JN6PwmJDOjjOy1KxhZjM0AHlzlvDlFKlEAqHPtvkTygy39hSQnh3DNpsGk6IZYjGXC4jOgg9LfNz0Tt5vsGdulY4NvRih8lhvosvk8iy2HaAZ90RNOZqWWCvAte0cGU4DzBglAmKULcNhNzqNmmI6ghcKNROshAhW6Am7v4WXMZh4cb0bkUhKxgXXAMofSYt8l-_xUhLsQ&sai=AMfl-YT7-jGTBtJmFjTaH1OejrALUXxpKX8KM5cxAZIiswW03Rs1HeqMQNHDLzIBD0Js-nDCo4LEx0-p99zyt4CNWJSIoeX2aCInc2ZpncVz6gwT4vbNmvpwQHLvxyHmzw&sig=Cg0ArKJSzE7opKAB7eryEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:48:29 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4D48 36 KB
18 KB 75ms
59ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B6frjqLDKS2_1gRPtN3stZliAdXV9M18hyij6IYPHaVSckeMYHlrRUfh1qrw1ROjuDzEpyABWnwQNiE-KJ-bBhQ1J2ng&cry=1&dbm_d=AKAmf-DMJ4_hgKDs-q_5TbbyXccPWxTHG8I0ZOt3_S1N-XB9QMwmrmjpEg3_RPLZmATYjHPuKIei3tucKfRpzt5lEPpalMN62NSBxKuaJMioMBTIu-Nc4HKKrWH3ytKFb3Fel1u8be1iXQgWb3cj4R13Dd1Z1Lqq9bqfZap9cCXd89NphTzPr4x6UHu6aTln_m7AW33ZSUNsQInFRCxLBF-Lrh7hmx9eOy7btnwriCzZe_cOXcrqHxDOUskVhZsGIFZF2tkLqIMezPmkwtHQlL70CTTDdo7l4n_QIZJZGJGcl2WRVYv6rkaOW4Qv7iVZcgAUu6M3BOq0zLqhHwZHXu5pGY_uObwyzLhfnG-ve-62cHAYV9KmA5-UnoKSyUh16bD-g_dtgDlkZ8TMfpnF-qfW0ZQdvQp3KrBcYCAZBoZGcZi9hzVSFXrx08XrsifWddfRBfyeVTmiH7lAjjSuQYkT72IMh_X9NMyGUCld0zP2X4PJUVk8U7nWgNng-3VHwnob9uYtP3AD2kNLO3ETg7qXeVRHZBUZz9PxnJFve9ZSx-A-pFjAkagCHpHj4h2PzEwNIXMya61bdeIk-gt4vQAkfPWdr5idzFiVzPSt1DIffM-x_IOBByGjy3vS1sLRfWAqk-SJCYY7-pYJlX8WNYrzCmdfLXf2BZmrBrLuPJcYWWXt8UbKjUvIKCDbE0nZ2Ql00qmZ7vDDcvhH7CEfFlyQMaiECvr9CQAauTXuyJC4KRThByX91EoIxgIQ69PvrzlTTS3wRxDToL1bWao-VdXQGnZEiSExx2w-eE_XsvBVp5B-PVuYeOijMURHXVjLaMwKhO3bBOV23jveETplHyIqt28faxcK2vKfiYRT7vvyf1F9s4viKNIaS_v6naykDBmYn8hBn9iL-nReaxRAcCsRunLzE_IY3vBi2MgpTH-WxEL7KjKwIPK-s9PyU8WIdRC2Cf6uoYNiwALUThwnFOwQqycwxuV2KBLavCxA7ghJ3Kp7qYi86ndubyJ4-p9KBuApbUtoAyqc65khiFDiMTh4HLFvN-u3lUsOBpszgezQNokjQ4Y5FrR2q3GW10AEQ5MfhNgLsJMvJzTl76sGQLwcLlYzlOnMO3PpRmuGkrsTa_7F2ODt1QqNfqmrWUaN9hDk3uR8PGupwEEqqRb6Mx3uIu4QkuGdUCHRjhiIng7qWGwDaaXCCcoUQF3xUjdZmx9R6yN5-XDxY-3DjDvtW8ukegZwQqXMiVZuOK7Ypj8td4DuhLVEhW6i6oHS8mrjhOFQ-Hm2GG0AkVD5QJQVHj8v8-e7D_2R-nLLvvPo1CiQwPbTb1GOkGSEi8c3pq757nvt69rVkhTYvArKgsSGaNrIEfU9ePa_fCw3hnfkqBQu6E1Xq1mZbj1YIXvBQ6Dt2pLeN5-2wIDaOtp1CyNdvqSDIgo7takJlDg201yDDkF3_06LcWbs7OQBTbsuYDKRhnE4ZHV4ODh_6zDChj7zBGrRIn5uK70WAoHT14xYVlAVuvESrWwWLbZERdSHMCmv8y9kQ2wap-gFwHqtZH1jQ7zgb0mrW7qiRQd_lO4DVTwxQXKGFiXBPpFV0yaqH5r-6qvoUBMWUeCRIn_38y0hE7DnqU7qD8xBESoBEOpTScxPTtzeH0HAcc2XUPghvgH4XCVM66DHAFvBH4xLRv9Ycmx1LI25QN8-NCIQJVphR5DMLcoJkeatYQb9PQsQfl_fFuA29p7BQMABhSuC1m9mgaLr9WnL_LRgVyngNpZLlFz8gU-ztRjQe5-WOMf4KLXPM3-jXItPymcKqW9KpRtkP4ZADljUQZrpNwnN7C411YSI_hXg8E3gAo6cMgTLH7IizlBEgT1LK8tT6mI5SN59b55SekWuZc7sDAOqr3l4Z_FD5jwEum2jOLHcvBB1OiNW7_3tv5SIO-HCJTHavn_GTN4Wi3XTTMiKbAH2-KBJ3e5LZXhIFexA90KG6Bv0BG9UjVw7-4Zn1aUzG0aTwEnUA5hANixJIXc5dtv6DxzbH-QGd_46IUkzRMAxGpj12DxgOkhb8ejvEBT7ofPhdknrTYJBruCGv4i_xGmeFFteOsApVoQZYNnvulXbAirZyK2O9pqhAqhktjzH-lQoK6yLfoRhtu4h6RlHWZIRO4aktfOPCCIhJAt4zRcFFAkW4KQMlYICbAqPJNNCwb1_tLzKMopEktSm1IYLP4XOoYr-yaq1wgXQ7gsatyBLF2168j0hbnrsEPLxXp6n_KZoz7oc2aZAI0YBF1a4zteDBXhCwjWIj1dfaDYTGNWF90_fiMiRrUFMalsR2eDtCcjhzDNBFOI6gas7y6sEsv1ame8-wQyLyyjTe_8_ZbR93sqMlSrO3cjXvoog5DNZXL6QoOskPwmguLLh-okwCVo3Z5lgfnsmDdP1AoVLtQFNQbmCgQhBdROosXl2684FhMVt0sEbV8PhRAKGkpQ8qXdK7cNIMNkRH9Wt2pwbDTimRRgUgRhcYhvTXEaUFa0RiCrBTVW3EhLzMxWp7pnQjpN4x-lnLfujTnUy-BMP8x722w9DXO-73rGvoP_gEjXrTd4SKnh5rcDBWA-Gd41dj04IoNt8eSitzAh64w4Vul95P1IFqhYxfrPi0vHsnMX5TcQ52VFsb-mgE0uxA_pnDGVUVnkEmeqmQ_0PgQGUz_T4b_1jGi5UDTxAZ7nLf4Pp7dR0oJtY8iy_Xcu47F50237cyD93WUjDwIeVvcTObN65yX0eDf9FgRWqU6UiE5gq5zkWh-nc2zx8qa1RtY4VMWqDMB9DFmQw-FvULZz0-5EsiHwgAFvLhp00S7ZXSFN8zqwiIk2Ka6zHl2gph5MXe1qrg1Zr8nb6575qahU2WeDxQAWgFxdFELvIcaPlY3xvWVsPNAQYcFN1KYnon2DMbbVYovsPnpDNKsFQUijBclb-kcfjNLKpb9sb0Qipv4Giobt6855pKpdHTmtnPl1wiKyCKv2sJlJS3dYdw1Q1uw0VwTLa9KXMWjN9jN-H84S6HI7b4iJzAnSX6Y4azHigWDbwJ1mjfZNFpPddblAXKuHs6nbkoD9ADBTp-QhsWg-IkxqYwmLIEW5340Qfz2wG5nDUW_matFokTGrGtBvD5yBO3Lcj_PEWbSVjgKGb3Obd46gNKEDmNjsqu-mns0AQa75aiIDNRHK7XANMijhOQrpUfW9t5BqDXjVEexUXO8BOhSWuiJ0C4bbYArOb0_7ZvSd0V48qUuKcm9dudHkVsBKjnvc3T-Qg2AbODYbBPeiyT8-CN4wOdI4krWZhrgBJXFKjGMaS46us1K1Xs8qvuZASri46pcwLtW6W_bbTqoSHF2Z3lcK1_vnsjD8q2M_-ZdzT7jHmZEcgLm2I8_TaI4AYzfOdk2jbdrDk9olxf1In3JgCek8dIX3XRgN3bEg2EEph3kpvUGkQNQLiq3qNWHQXH0jJ2ca1uFTfavInm7zt9O3LGVnoEOLQsU59ZGGVA6RYWdhZ7i74QZ7SKfMzdiiuschsyMg0J4lyx-3KOPBQiY6GsFd92Y-qUTjT0Lbp2JYTtBBgohv4YmWJ0Zr2-mNOUOyJhSu5P7WFn61K1ipcK129SGLbJGQXKIbLeztnXNE5hlQo5ILSfm_qQDjJ6o1VUWxAE1-04j-90ed1x80MwP3JgTV3707rfOpa5wO3spayA1x4XM-qQQ56EZ29EYgcW_sab76gGWAzIBYa2_eAMuwZNhEZgulmaOV9DHi_792arNFp9OUanBaX6BjLeLfGINJ5bhzNjU6RWTn0ztKHu1XLGHtFW_n9IT4Qkh8ARnECPpf9VvLtVG5U-V-ixqNWaPo0ur2-r8Aza08ORnsDw18v8GxK2BDxa2MAPhxGmmma6PSVfJUwfF690RLQQyRjOardZcvVGy12aA_bRY4hUBvgr04-eevtChcEHkHQRCTjclTU1m5glw6yzJ-i9ooglc57UnZxTv3bkbf4iZnFcJ-3R5_ojquqmBfOBD0NgQ&cid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3QU2WCIx3BpGAE&vpa=auto&vpmute=1&vconp=2&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=1YYN&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=C46A56DA-E0E6-4D37-A3B2-979EBE316635&a3p=EhsKDDMzYWNyb3NzLmNvbRiMv_nNqTFIAFICCGQSGQoKdWlkYXBpLmNvbRiLv_nNqTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMnE-c2pMUgAUgIIahIcCg1jcndkY250cmwubmV0GIy_-c2pMUgAUgIIZBIZCgpwdWJjaWQub3JnGMnE-c2pMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiMv_nNqTFIAFICCGQSFwoIcnRiaG91c2UYhcL5zakxSABSAghqEhQKBW9wZW54GJzB-c2pMUgAUgIIbw..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797965%2C44800470&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dlt=1694796503871&idt=2359&dt=1694796509262&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

54b7ff8f4951395d3fbb3d680e91b814bb1c7d6fa779823f021547836a936008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18399
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8B9F 33 KB
33 KB 10ms
9ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 214441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 93ms
45ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:48:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 4D48 0
54 B 31ms
30ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmku2zv3&c=6314144949563&slotId=3157072474781.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797965%2C44800470&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 110ms
109ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=vl&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 108ms
108ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&cmd=INV&key=dtKKcuXb&c_id=13403&seq=1&order=6&vIndex=0&absoluteTime=5873.2&relativeTime=4128.9&alt=0&sC_ID=4711&sm_id=3000503&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&REF=https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&playerCfg=FP&playerType=FULL
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 4D48 0
54 B 32ms
32ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmku2zz8&c=6314144949563&slotId=3157072474781.5&qqid=CKWt__6IrYEDFUcV4AodfA8ObA&gqid=3IoEZYzbL9ClgQeLub2gAg&fb=ima_html5-lima&sdkv=h.3.589.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 109ms
108ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=omo&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 110ms
109ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=oms&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
443 B 385ms
48ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=show_ad&sdkv=h.3.589.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wYKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NjQwMjQ3NzMyCTE5Njc0MDYwNkBTUjMI2AcQDyUAAHRCKAE6CzUwOTQxNTU2NS0xQgRHREJNUABaEFFjUjVlMWIxSVNDTmV3bzAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 4D48 0
0 63ms
63ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CfCf23IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMBmAQAqgSsAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfAKEeCw3wI06HAPeJjHThwQIg1O8tX1MGObYvLmm-mCZeBPqn91xv-poRgYj5UXFJ-U8xM4M_SdRciCyxebGZlL978AEqMq7o9QE4AQDiAXxq4S9TJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDXzgEYjaH08gHSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsBsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi02NDczMzM4MTgwMTI1MTMzGLniKOgXBQ&sigh=zzhXLxHLj3g&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3QU2WCIx3BpGAE&vt=10&sdkv=h.3.589.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wYKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NjQwMjQ3NzMyCTE5Njc0MDYwNkBTUjMI2AcQDyUAAHRCKAE6CzUwOTQxNTU2NS0xQgRHREJNUABaEFFjUjVlMWIxSVNDTmV3bzAYAQ..
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 32ms
31ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lmku2x8y&c=6314144949563&slotId=3157072474781.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

22
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/acao,ctier,expire,id,ip,ipbits,ita...

4 MB
0

427ms
15ms

Media
video/mp4

74.125.111.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06DC008C35DF6DB5531BD427D3C7C67BB1359DC6.7F3648664042DFA269D17A81FD0304D7F6F12BFF/key/cms1/cms_redirect/yes/mh/qX/mip/176.115.237.89/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694795852/mv/u/mvi/1/pl/22?cpn=QcR5e1b1ISCNewo0&file=file.mp4

Protocol

HTTP/1.1

Server

74.125.111.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s57-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-9011108/9011109
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Expires: Fri, 15 Sep 2023 16:48:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726332509/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06DC008C35DF6DB5531BD427D3C7C67BB1359DC6.7F3648664042DFA269D17A81FD0304D7F6F12BFF/key/cms1/cms_redirect/yes/mh/qX/mip/176.115.237.89/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694795852/mv/u/mvi/1/pl/22?cpn=QcR5e1b1ISCNewo0&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 119ms
118ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=ss&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 119ms
118ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=oml&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1992 42 B
111 B 120ms
119ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwD4ERk7sto5-IVwWDGNb0r20evH8GV9ibDn1C5TQHmxptM03QDSnVtKR43ihutbPmRqihDdApgjvITectgK3kTXQGqmKT2-KODWn-BxvWgghLaBhWoLqaLM-Gg5q6&sig=Cg0ArKJSzLg_QVNMDbP4EAE&id=lidar2&mcvt=1000&p=885,1180,1135,1480&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819705&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796507290&rpt=1127&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A96 42 B
108 B 117ms
116ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszyBKJvdXAkhFfP4ePHI4KDYTqFeKdbcodkJ-oDIT6vObfN-5a2RnQUNl0AlCRQK0hVokChwhzpDWU9VJ0raPYZIjuLWvnT0mw8gHz3o7h33YGaynkNOLDoWGkBjVS&sig=Cg0ArKJSzDes9py3IVtdEAE&id=lidar2&mcvt=1007&p=615,1180,865,1480&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2240819703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796507202&rpt=1172&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F4D 42 B
108 B 114ms
114ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKAxlQrDDy7TToG9xL_aVA0GNF5w4kkskFnbxgj0kzLOZhpa0y7RpTZ-1syyP4xs0sMBvrZmnrBuIXlxlSqI_31s0sIkK_DJxNLJbA3wS86-ljujzFVxtvqLymVl09&sig=Cg0ArKJSzHDOqptVFH36EAE&id=lidar2&mcvt=1014&p=735,321,825,1048&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3578395192&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694796507032&rpt=1363&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
113ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=126581214661874&bg=!hYalhsnNAAZQjyUVcI87ADQBe5WfOOXY6_do8G-AT5zqXMb_0qOnQsrdkzKOmbeQh_2igkZJTFgUq2vPOJSr-s1g9Z6-AgAAAsFSAAAAG2gBB5kC7iU-gB9zHadWM88lwdUMdc6cCjbDiR3KPIrfKlLJxrSzm0IImpamogS3ahoCKA46laMOc2RF_6c-0HTNktTrH7xdYmlTx61lzYXXf0pLBTElrLZXbwAEtrE9eqpaBSlNlUmHHemy-I8gxwU8O0i9zA9fArSSui2LMwDqZFBpXR_ilTfCIvXNqqQ2TSe2QR-gWSLNf-AWVDZq5XAfKox2tPInq1-Mr1MJUNo3BhX9VBLvE0Q0nDpySYYHiZTpxl7Cb1I9cX9jZ-4hfC6Gckuxhnbu9zAcFbL9lDzfuwqnMLvCpv7N-Sq-l-ReY_vRzbgh-IjspVkm030qH853VN6LZbASxVGHL_eqfttzA5ynnZ37IAbY58eZPkJliddyZz3Ti9J0NQ9VshlQJ-J7m7U6ELqVfdegUYVq5JdIUrBKmRGf3hO3kLOiVldiADWpxyyyWDKs-0-gKJOFP5Ldb--G2k8o_SdMKGr1x8RP1FJmDVxarin8Rs6w3tWqszHW-qU8JEI2aAySAWp8ojnkXLlYYBHcbIc6rUAx1AUp9s4JBQUOmZXKDbeYUS-RI1xxyur-yzOkWW7jqI0_jH-_jC_YQ4BmfrHSAmag9TYlQVjKWZ3C0_XALLRW4wNf2inLxVuvUFtl2DJIejKnDWdIUE65x3Os2AmgtGIBWG7LIjCwzOet9F8nTZasLmXi2uKspszEUkBEVfHGCCfR_lAr1cifdxTYnE8fPBDltLqxiXYum1wIC3Vatsqt4zfFMbbxFPtZO2PwsUgmOFEKSAIzfL5ZFX3A4HJOoNQv_poPsVZS6xJ8p98ELQ4qLGX8dMCGZwmIZK4KeUjbk30aYgyhPfHkgctE0gjCPaEka5fnGRRX-O6P8RhLDwZfo1t34ThX2GariIByfyj6tdDt7MSJDLAVRzjMDeDzycrShwy9pZMonZie3wRG-x-U6QjLLmJvn0FnIaGFry43FsUGBq_QVp0GtDe_8YS72561OOcdw3MLFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
108 B 67ms
66ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=video_ad_loaded&sdkv=h.3.589.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wZaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KigEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTY0MDI0NzczMgkxOTY3NDA2MDZAU1IzCNgHEA8lAAB0QigBOgs1MDk0MTU1NjUtMUIER0RCTVAAWhBRY1I1ZTFiMUlTQ05ld28wWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 133ms
132ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=i&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D48 41 KB
15 KB 24ms
23ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 07:54:59 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
0 128ms
128ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=317396281&message=ps&sdkv=h.3.589.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D48 0
58 B 127ms
123ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4D48 0
557 B 178ms
63ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaYSBYH8fj56S9ccUkkrnUWzzXlmD3pfM-iHR6e-3iFQ_0EstK0RcVRtAwTOlz3itxs6bx9A3f2rM8rXDaZdOOOAvVdkbID2yPxRy0O8uRRskunVTrbFGUC7qpSeJY56Ow5rfF9BI8MBr3VhmMfQzU75pC7d8I2r5gaMQa6x13dAoHG6dFhVG2IQhQRfIp6rBRVLp-XelBVWuThMd-2KQ2LPRh7xFDl0COikMQI9VlC4tGfbmBTK0VXDU4yf0LWoACDR8Jc_wf_T2djbru7Kk6JbSw2GQJwMc3OXX1_gB2-qkdG51VaLDl8wGQzX_qxlr-XWkODNA5DmIovOP7TdBGGSiMC9YV75Tcmj2_IxKRQiDboifcsYELXZNuBuFvxtNWg_qAJFCMHAp-kluVxOHkFpATuUFxQuBPTvIFhUzduc4lSZZHHyFz5i0pvLmpLE5_wJFhZOWfv0vDW_I1xLW4AdVzqZna32F4S-cC9UdpkTCT0KqN-ZtFISgfJ1DE9C1x_uUtysEk2Pc0T8YmLOju7oL5WVNAUhTz1BrS05zcKYPsWnG7UpTANrsSFQQTVHi_jSjFaYbx2cxc9Hljb8Dmkanq6hT1d_eQk9fxFd00wfAQ4mrZ_9dEZOd8ncFm6QsBNzzmMcXM_87BPiBZTlL_cRkbo-BsYjQWgpG1RY37EmuK6sANDQpxTSx1jWR3KALA0g1OKXs48UU996cw7lXty46TLl0sMrNBM5j3jQ05f6X-8nf1-xKdxtmHcqOXxE7hmYvuOqo-ffBwB3fcRfyKRYPLEDNuqQEgWGeTYPwbVQXdD0e8z0rFxyiMp3F16ZVVN73wM9cQBhdTArerx2LdVeX8UHiyg5NQunDOD3XZGGqlBK1RFweMFdrIPq0Gqy__3p4Z-ea9zLD_7dyOM0uM1dkkvFSmTz0S15kkB5Lxbj004BpR7iCgvYiXtgg6OY9H-7If-NdjTp5qxUjQ5dCmKsM2JkxzTIQK4_hGO-2Ud1jAMIjZq2dermHUgfXM6GUTTXxvP-akeTNolkYL5387HYNv-X25yMCJM80fm0BvXtonLVnGARfofcUj5Pt0IwZ5gHpwc3RANmLBlyb9XqFAYNk-VO1CH4PikoOUA2LD67iEA7PsVhxcVzRM_G5yh4PBZtafMkS1uEDnhUqn1XXSm7uQb0OPQuozhHnhOCz7djAwcAi3Fv1WP4TZOSkXAvbUl15EN1z0CM4b_wvRlzm17bNPs99sIt25Wg0Onl2G1Jm4ihsevR2y2bApfOdLKMU42YItf8W66VbKFsH8h5cFCWlky9sxzRTmoDwuApE&sai=AMfl-YS1xqgTKju9pJYhZ6FutPMfjIDPrss7EPvN6RaXIQmpf7cCHVVowtiorri2IRevfoIIGqdotESug2XqMiE3snZBX3uz_O6-zPhLPNMjCGyLbe9HsW4S4Krxv7OdgiiSxb-FwFKjO1uzuLjfT6JodWKih4jeehglRqh0bDjSRFi69kvOVjGtHJw8u3AGBJT6zyPYX5xfwmv739NvTTUqSlLFU-HKhrXGpHpTJA8_xzAlgrJ9hOrjAgKiK0L6IY4DXJZz&sig=Cg0ArKJSzJYmDSPRiMMiEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.589.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 4D48 0
0 79ms
74ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENfEsZUFGI2h9PIBIAEwAQ&v=APEucNUUkNADR6p2ekDPlm0ME2LTauTqtod77cz-5bg74GDwqb52GMoCmJmGvtvDtCm_R4tPdZCeCrhq9tkKNxPnz5OKBxrweA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
108 B 64ms
60ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=vast_creativeview&ad_mt=0&sdkv=h.3.589.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wZaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTY0MDI0NzczMgkxOTY3NDA2MDZAU1I2CNgHEA8lAAB0QigBOgs1MDk0MTU1NjUtMUIER0RCTUj8BlAAWhBRY1I1ZTFiMUlTQ05ld28wWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIqYid_4itgQMVBioGAB0C9gKvEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKWt__6IrYEDFUcV4AodfA8ObA;dc_rmcid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3Q...
ade.googlesyndication.com/ddm/activity/ Frame 4D48 42 B
401 B 131ms
63ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqYid_4itgQMVBioGAB0C9gKvEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKWt__6IrYEDFUcV4AodfA8ObA;dc_rmcid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3QU2WCIx3BpGAE;eps=CIDhgHAQARgdMgLrAjoCgEBIvf3BOg;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
108 B 64ms
61ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=part2viewed&ad_mt=0&sdkv=h.3.589.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wZaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTY0MDI0NzczMgkxOTY3NDA2MDZAU1I2CNgHEA8lAAB0QigBOgs1MDk0MTU1NjUtMUIER0RCTUj8BlAAWhBRY1I1ZTFiMUlTQ05ld28wWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIqYid_4itgQMVBioGAB0C9gKvEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKWt__6IrYEDFUcV4AodfA8ObA;dc_rmcid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3Q...
ade.googlesyndication.com/ddm/activity/ Frame 4D48 42 B
107 B 131ms
64ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
108 B 63ms
61ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=admute&ad_mt=0&sdkv=h.3.589.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wZaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTY0MDI0NzczMgkxOTY3NDA2MDZAU1I2CNgHEA8lAAB0QigBOgs1MDk0MTU1NjUtMUIER0RCTUj8BlAAWhBRY1I1ZTFiMUlTQ05ld28wWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 160ms
159ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&ldt=AD_IMP&key=dtKKcuXb&seq=1&order=7&vIndex=0&absoluteTime=6805.7&relativeTime=5061.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&adX=true&lineItem=668881818430&adSystem=AdSense/AdX&firstLineItem=668881818430&firstAdSystem=AdSense/AdX&lineItemsGDFP=&adIndex=-1&advertiser=&bidIndex=1&cid=13403&pposition=float&floattype=s&DS=found&adServer=gam&iu=/92056281,55274853/telegraphherald-premium&logAssertiveYield=false&rand=12&rmt=ns
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame B1D7 43 B
301 B 148ms
36ms Image
image/gif 18.66.218.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1694796505668&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=61000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=3000503&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1694796510296&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4627&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&c8=&c9=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.218.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-218-75.mxp63.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:30 GMT
via: 1.1 66a9d30cb1014679858f80448b50159c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP63-P2
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: YxZLut-9qIEjP0qgBC5PCU6HZZ9Ps_yiFuPoDwp5Peo8xh3hYVsxPQ==

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 403B 23 KB
8 KB 28ms
28ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 06:00:55 GMT
expires: Sat, 14 Sep 2024 06:00:55 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 403B 37 KB
14 KB 25ms
25ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 403B 0
58 B 137ms
137ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.589.0&bgai=BAh4_3YoEZemlEobUmLAPguyL-AoAAAAAOAHgBAI&bg=!h4SlhMvNAAZQjyUVcI87ADQBe5WfOE7jZB5ugo82-UkvAY190_s4Vi-x2KcubpfxjgsLy5_Cw-AQZRW44jAcA227C0d6AgAAAERSAAAABWgBBwoAJbGwAhLX4byASySUh2XXyhDbGgx9llVUjknhjAjK1-8oAjmqtvWZAxAo6dCEHQ44v3y4DrfUL0W5GtFWY7rqoFniy9Q0OLf6m4ySHg-gif6z2ztnn7hw51V17toj_obsrx3uktPEtm27OlwFZXpt2ZF0L1-mlC3Uulco9lohmn4X3l0FuaWwYLyotCip1svxab38auDRj_Ux7a1HDyejwQA7H6rXmgsRLLayhuimBzfE8_RH6UmZzl6tQGND_TwXmGRMVPQJBw66OwcD3yLGhxkew6F0MXcvJm4MhAu3Sf5aOLukhS3IsujdJyd0ZhKBG3jwtp0KzZYxe2uHe_fqSjkleu3_oB6bmGpPYUhB82Ls1A4x_fB8-7pihXok2lSRV7gs97Sj2T2pT2ftljZ2YOsI5uqq1qQ0O_-xREzkY492FicfsaKcm0s7Xp908IpxpsB5V9mEvXd4SDzV00U6Kd9U3sgWT5sgCzz09qGwSBkZS33Ta3-mfK-AU9M8mV6fTb88iMiJHYtax2NII5Or3IsYV3Y8umMkhCKqExLqwQiV38LDxsvNzEtJqelQsoNnfj_cKfBlB6_h1uAO-prTeAX_Nmz_Bk5OrCZ1V8S8Zg4wWg5VC1isdCdF0MKMq8Q5I034vr96ui1E6T-kkLgnoka-TAJU9swmCD0pJJWt3J1kqqsla8HF-ocNAPVqaNkZSEjTovZULO1s-HXQfGcmCKIJo5-kTEVZfoS4at7HfluRwrrRt9Qx-cdKeHIrRpkEs9SsXfwKkdGrKyWqs_by22B9Ov2aU37n9V1CzMPtU6RHvR0U0UVqnC_XLkI0UjiNeh7rnLVwv3u3SdASLw0KIWEilan3O4nwrgjXzTDAeoF-OTvgy0r8x06S_H-AAH23pFbEBXWjy8cl0cip_nGRSnrufRT3kTXtAoAPNog-aqoTvGx7l6Qa-Q4Rj8x3G7xPOWRX69Pff_yewGyaRtzlgHwEMNiTD0_TwRYpSbJyull9JeZ4WyzCNYLfyWENo_lijM9M8qdFeFR8fb7Y2nyC-3LDKyLSfvzW68r9cRVsOYpgHiqM_GkOis6mRh-RxqjRm5IW-44Mx6xo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 00DB 281 B
554 B 59ms
12ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.telegraphherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 16:48:30 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 15ms
15ms Fetch
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 00DB 36 KB
11 KB 11ms
11ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1YYN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:48:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Sep 2023 15:37:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=82135
Connection: keep-alive
Content-Length: 10521
Expires: Sat, 16 Sep 2023 15:37:25 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 00DB 7 B
797 B 257ms
50ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1YYN
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 8B9F 0
54 B 32ms
31ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmku2zow&c=1138639531647&slotId=569319765823.5&qqid=CLrh8_2IrYEDFWaW_QcdXBoNXQ&umsem=0&ape=1&ple=1&met.4=vil.lmku30bp~vfl.lmku30cs
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/67d9e921b5f32e3b1de66b84352f195e.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 00DB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YYN
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YYN&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3QUB3xD0Qz6jpThKTEDNqA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3QUB3xD0Qz6jpThKTEDNqA

43 B
479 B

109ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3QUB3xD0Qz6jpThKTEDNqA

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2023 16:48:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KH4H3HABTY96D07X27F3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3QUB3xD0Qz6jpThKTEDNqA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 00DB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YYN
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YYN&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VuvK8I07QdOlK4l4pS4G8Q&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VuvK8I07QdOlK4l4pS4G8Q

43 B
479 B

40ms
40ms

Image
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VuvK8I07QdOlK4l4pS4G8Q

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

HTTP/1.1

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2023 16:48:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W5EJMEZKEK5EBF08QG3B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VuvK8I07QdOlK4l4pS4G8Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 00DB 70 B
264 B 35ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YYN
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Sep 2023 16:48:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 00DB
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1YYN
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1LVTMxOFktUS00NlBZ&us_privacy=1YYN
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENOzmvlhAsSwK3xEHJolIFo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVTMxOFktUS00NlBZ&google_push=

170 B
232 B

28ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVTMxOFktUS00NlBZ&google_push=

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVTMxOFktUS00NlBZ&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 00DB
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1YYN
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMKU318Y-Q-46PY&us_privacy=1YYN

0
513 B

597ms
204ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMKU318Y-Q-46PY&us_privacy=1YYN
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7AA36764B6AA41B485085822242F4F4E Ref B: FRAEDGE1407 Ref C: 2023-09-15T16:48:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFaJALbpO9NRYdQoGEzA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMKU318Y-Q-46PY&us_privacy=1YYN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 00DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YYN
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDTwo485-GVmHT7TTjt2dBA&google_cver=1

42 B
710 B

53ms
12ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDTwo485-GVmHT7TTjt2dBA&google_cver=1
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDTwo485-GVmHT7TTjt2dBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 00DB
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YYN
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZJywN5CEefbhMqOuzEEOTg?csrc=&us_privacy=1YYN
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l6PeBKdE2oLsZE8Jf3IgQGsAhgk6jS7oKTsF1A--~A

42 B
710 B

15ms
14ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l6PeBKdE2oLsZE8Jf3IgQGsAhgk6jS7oKTsF1A--~A
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 15 Sep 2023 16:48:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l6PeBKdE2oLsZE8Jf3IgQGsAhgk6jS7oKTsF1A--~A
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 00DB
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YYN
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDVlZDE2YmEwMWY2YWIzODE1Yzc0NjUxN2I3NDkwYjgwOGE0MjA3Nw&us_privacy=1YYN

170 B
243 B

25ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDVlZDE2YmEwMWY2YWIzODE1Yzc0NjUxN2I3NDkwYjgwOGE0MjA3Nw&us_privacy=1YYN

Requested by

Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDVlZDE2YmEwMWY2YWIzODE1Yzc0NjUxN2I3NDkwYjgwOGE0MjA3Nw&us_privacy=1YYN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je39d0&_p=221444608&cid=1541614084.1694796505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEIE&sid=1694796505&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.telegraphherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 16ms
16ms Fetch
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:35 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 9ms
9ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 15:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3858
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 17:44:21 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
95 B 14ms
14ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=221444608&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Time&ea=15s&_u=aCDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=1541614084.1694796505&tid=UA-1002501-1&_gid=585155872.1694796506&gtm=45He39d0n81KJWBF3J&z=1043833607

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3129
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame B1D7 43 B
297 B 29ms
29ms Image
image/gif 18.66.218.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1694796505668&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10003&ns_st_cl=61000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=3000503&ns_st_pt=10003&ns_st_dpt=10003&ns_st_ipt=10003&ns_st_ap=10003&ns_st_dap=10003&ns_st_et=10003&ns_st_det=10003&ns_st_upc=10003&ns_st_dupc=10003&ns_st_iupc=10003&ns_st_upa=10003&ns_st_dupa=10003&ns_st_iupa=10003&ns_st_lpc=10003&ns_st_dlpc=10003&ns_st_lpa=10003&ns_st_dlpa=10003&ns_st_pa=10003&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1694796520299&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&c8=&c9=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.218.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-218-75.mxp63.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:40 GMT
via: 1.1 66a9d30cb1014679858f80448b50159c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP63-P2
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: e9a8OY4A2_gjzuuY0r9HsrmuglcQ79Nlhnu4cNoDnbJ8l5Max728Pw==

GET
H2 200 dc_oe=ChMIqYid_4itgQMVBioGAB0C9gKvEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKWt__6IrYEDFUcV4AodfA8ObA;dc_rmcid=CAQSOwBpAlJWbOV7ZXeCUGeePrDjUXd7F2-35GnO5L9d8-jBNdeOue2JS6_e2M4GOPGyaIpxQ3Q...
ade.googlesyndication.com/ddm/activity/ Frame 4D48 42 B
107 B 47ms
46ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4D48 42 B
108 B 48ms
47ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHMXg3IoEZaXPMceqgAf8nrjgBtGJ2O1yjNDy5bwR6p_coNQBEAEg8ev7RmCVAqAB-6OOhirIAQWpAj6nO7yT5mM-qAMByAMTmAQAqgSvAk_QE_RVb7GozuHZcT77YXrAwmyR6ZHZNynKCNEFESAnm9YYnpxTHtGifveX2tnT_fSGJkBr0OR9fiEFBzGd9I1IKC-7Oc_VAn42Qh7vVI6O4U5AmE8vjP1_QPPWcfx1QG6rOSlJuYZglUPKh7FgSiDnx3lVZRG2cVxmndMsMDlK-2eB3wEZ1jeWaXlnlzRyrWz8yPYX_DN2Hlf20zY_kf887jSfmMZjE9_NOXArxAgZzx2ORYWwMS52wja9crGsdjtzAoSdkBfJgTM-b09N_GYURoHxcYFn_LZir2ghu88B5Bh4U1oIBBrHfALceeZryt_sLJF4h5WaMaAZOL_4D5F171jgSy_J3mpPcTryHgzXhx30_ysN_ble06GGCnYh0T_15pz7c7c0rpnmOuxu5sAEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=tii00GBTNLM&label=videoplaytime25&ad_mt=15343&sdkv=h.3.589.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Njg4ODE4MTg0MzBA1wZaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTY0MDI0NzczMgkxOTY3NDA2MDZAU1I2CNgHEA8lAAB0QigBOgs1MDk0MTU1NjUtMUIER0RCTUj8BlAAWhBRY1I1ZTFiMUlTQ05ld28wWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:48:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 100ms
100ms Ping
image/gif 3.215.72.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=B2_wfQgnfwIDfn9h&instance=214492445&version=7.23.0-A&age=230915&ldt=AD_QUARTILE&key=dtKKcuXb&seq=1&order=8&vIndex=0&absoluteTime=22169.7&relativeTime=20425.4&sm_id=3000503&visiblestatecd=I&soundcd=OFF&quartile=1&adIndex=-1&pposition=float&floattype=s&rand=12
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.23.0-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.72.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-72-221.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:45 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 18ms
18ms Fetch
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 16:48:45 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
787 B 19ms
19ms Ping
application/json 116.202.32.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2738
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.32.62 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy03.cl03.het.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.telegraphherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Sep 2023 16:48:46 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.telegraphherald.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 p
sb.scorecardresearch.com/ Frame B1D7 43 B
298 B 32ms
32ms Image
image/gif 18.66.218.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1694796505668&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=20004&ns_st_cl=61000&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=3000503&ns_st_pt=20004&ns_st_dpt=20004&ns_st_ipt=10001&ns_st_ap=20004&ns_st_dap=20004&ns_st_et=20004&ns_st_det=20004&ns_st_upc=20004&ns_st_dupc=20004&ns_st_iupc=10001&ns_st_upa=20004&ns_st_dupa=20004&ns_st_iupa=10001&ns_st_lpc=20004&ns_st_dlpc=20004&ns_st_lpa=20004&ns_st_dlpa=20004&ns_st_pa=20004&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1694796530300&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&c8=&c9=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Requested by: Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.218.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-218-75.mxp63.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:48:50 GMT
via: 1.1 66a9d30cb1014679858f80448b50159c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP63-P2
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: FzSogcPsmmielpGyh_p8MktoxDrrUFYPadbq3nmnBx8LciN-M8pM2g==

GET
H2 200 collect
www.google-analytics.com/ 35 B
95 B 10ms
10ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=221444608&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&ul=en-us&de=UTF-8&dt=Public%20comment%20sought%20for%20draft%20of%20environmental%20assessment%20of%20Cardinal-Hickory%20Creek%20line%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Time&ea=30s&_u=aCDAAUABAAQCAGAAIAB~&jid=&gjid=&cid=1541614084.1694796505&tid=UA-1002501-1&_gid=585155872.1694796506&gtm=45He39d0n81KJWBF3J&z=76366165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telegraphherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3144
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/cwwzxogeiw209j8xppj7t02xoc0fvu0p.jpg

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/sync

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.0.1

Verdicts & Comments Add Verdict or Comment

334 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telegraphherald.com/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1694796505%2C%22currentVisitStarted%22%3A1694796505%2C%22sessionId%22%3A%2263ff0385-0def-4c61-8ce7-71b5bbf2071e%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.telegraphherald.com/news/tri-state/article_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html%22%2C%22referrer%22%3A%22%22%7D
.telegraphherald.com/	1970-01-20 19:08:44	Name: ___nrbi Value: %7B%22firstVisit%22%3A1694796505%2C%22userId%22%3A%226540e202-b73b-458b-91ea-446c3db8f30f%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1694796505%2C%22timesVisited%22%3A1%7D
.telegraphherald.com/	1970-01-20 19:08:44	Name: compass_uid Value: 6540e202-b73b-458b-91ea-446c3db8f30f
events.newsroom.bi/	1970-01-20 19:05:48	Name: 2738_u Value: 6540e202-b73b-458b-91ea-446c3db8f30f
events.newsroom.bi/	1970-01-20 15:29:48	Name: 2738_lv Value: null
events.newsroom.bi/	1970-01-20 15:29:48	Name: 2738_ut Value: 0
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga_1KSYYTLTZT Value: GS1.1.1694796505.1.0.1694796505.60.0.0
www.telegraphherald.com/	1970-01-20 15:29:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.telegraphherald.com/	1970-01-20 16:56:12	Name: _fbp Value: fb.1.1694796505605.2054226001
.telegraphherald.com/	1970-01-20 23:32:12	Name: ajs_anonymous_id Value: 1cdf4e00-3f74-4d7c-95e3-e0327e5978f4
www.telegraphherald.com/	1970-01-20 23:32:12	Name: usprivacy Value: 1YYN
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: v1Vf4rGYEAs
.youtube.com/	1970-01-20 19:05:48	Name: VISITOR_INFO1_LIVE Value: HlDHM5pLJ0U
.telegraphherald.com/	1970-01-20 23:32:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+15+2023+18%3A48%3A26+GMT%2B0200+(Central+European+Summer+Time)&version=202209.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_4802ccae-4e6f-11ee-a910-f3fbe99ea3ee.html&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.criteo.com/	1970-01-21 00:08:12	Name: uid Value: 42d745d8-31c2-4948-8f9b-0f13fd95f427
.telegraphherald.com/	1970-01-20 14:46:40	Name: AMP_TOKEN Value: %24NOT_FOUND
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga Value: GA1.2.1541614084.1694796505
.telegraphherald.com/	1970-01-20 14:48:02	Name: _gid Value: GA1.2.585155872.1694796506
.telegraphherald.com/	1970-01-20 14:46:36	Name: _dc_gtm_UA-54716522-7 Value: 1
.telegraphherald.com/	1970-01-20 14:46:36	Name: _gat_UA-1002501-1 Value: 1
.telegraphherald.com/	1970-01-21 00:08:12	Name: cto_bundle Value: VKWfQl9vVklNeCUyRnlQYkdXaUY2OHZzYzR2enFuek5Fb1NNM051cHZacGFzQ2ZGUXhGVHJ3OGdseWtxSVJFdWZ2OUFKeXRXMUY2Y21LR25tbFM5a0tGTk84d3JnRGMySEJ0Ynh2dWxhSlNkU1ZJWEhTWG9KbUVLOFUlMkJiSWxmRmxOUWE0QnRxRUhjMHFudUR2YmNXeWFCMXE3OVA4ZkFBQkJpYWFOdTQySEZrTmx3Ym5rJTNE
www.telegraphherald.com/	1970-01-20 15:08:31	Name: tncms:meter:assets6639bb10-c083-11ea-ae08-af90189f6992 Value: 1
.telegraphherald.com/	1970-01-21 00:08:12	Name: __gads Value: ID=299c925244f13701:T=1694796506:RT=1694796506:S=ALNI_MZKt-3udH3lUWhwuwdVqI3dJLcz-Q
.telegraphherald.com/	1970-01-21 00:08:12	Name: __gpi Value: UID=00000c7622a63337:T=1694796506:RT=1694796506:S=ALNI_MZAqtw8tdqbDxcPRN_1ZPHx14dCyA
.doubleclick.net/	1970-01-21 00:08:12	Name: IDE Value: AHWqTUmS0f2cbUkjqE3eQb4Xx1UoOqrDSRgulVh9YwRlha8kbRMSJZPd-A1MHVCQnAo
.telegraphherald.com/	1970-01-21 00:22:36	Name: _ga_4T2EB147B8 Value: GS1.1.1694796505.1.0.1694796508.57.0.0
.doubleclick.net/	1970-01-20 19:05:48	Name: APC Value: AfxxVi5n3HfmcaDGFFwFiWfN6rSU2UDeeSUrtIHDuoqylRvOGUJdcA
.googleadservices.com/	1970-01-20 16:56:12	Name: ar_debug Value: 1
.rubiconproject.com/	1970-01-20 23:32:12	Name: khaos Value: LMKU318Y-Q-46PY
.amazon-adsystem.com/	1970-01-21 00:22:36	Name: ad-privacy Value: 0
.yahoo.com/	1970-01-20 23:32:34	Name: A3 Value: d=AQABBN-KBGUCEGgfo5W6HBjgILEX42PaeVAFEgEBAQHcBWUOZQAAAAAA_eMAAA&S=AQAAAtULXRTUcEmHVWT-7w1C-WY
.linkedin.com/	1970-01-20 23:32:12	Name: bcookie Value: "v=2&2aa4573c-0e58-4cc3-808c-f0089f95ce16"
.linkedin.com/	1970-01-20 14:48:02	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2591:u=1:x=1:i=1694796511:t=1694882911:v=2:sig=AQG1NVVd_zjm-GNH3YlPNn8l_HV4wcf4"
.amazon-adsystem.com/	1970-01-20 19:33:10	Name: ad-id Value: Azf8enUYNkGGnDEesO4kIHI
.rubiconproject.com/	1970-01-20 23:32:12	Name: audit Value: 1\|wT+cxJtwe/nkcC2eAUQeG9UFZL4wort1CHrz6sxWclUGDllMyl7eRUucMkQwFvtikYbaNQS4t1siZ07GJqnMnkAB1LOiaydkvspVenLgrno4pZ+1N4jAynC6OAgUVOsf
events.newsroom.bi/	1969-12-31 23:59:59	Name: 2738_s Value: 63ff0385-0def-4c61-8ce7-71b5bbf2071e

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3eeb9168ff5988529557f5162bfb67cc.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ade.googlesyndication.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
api.secondstreetapp.com
api.segment.io
assets.revcontent.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bloximages.newyork1.vip.townnews.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revcontent.com
cdn.segment.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
compassdata.mrf.io
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
embed.secondstreetapp.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
invstatic101.creativecdn.com
js-sec.indexww.com
l.sharethis.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
media.revcontent.com
oa.openxcdn.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform-api.sharethis.com
player.sendtonews.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r1---sn-4g5edn6k.c.2mdn.net
region1.analytics.google.com
rr2---sn-4g5edndd.googlevideo.com
s.amazon-adsystem.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
www.accessdubuque.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.telegraphherald.com
www.youtube.com
yeet.revcontent.com
d29xw9s9x32j3w.cloudfront.net
lexicon.33across.com
trends.revcontent.com
104.16.133.24
104.16.86.20
104.17.25.14
104.18.131.236
104.18.32.137
104.18.35.167
104.18.38.76
104.18.39.155
104.22.52.86
108.138.189.25
108.138.199.63
108.156.2.3
108.156.28.96
108.157.177.7
108.177.15.155
116.202.32.62
13.107.42.14
142.250.181.227
142.250.185.129
142.250.185.164
142.250.185.194
142.250.185.206
142.250.185.66
142.250.185.70
142.250.185.78
142.250.185.98
142.250.186.110
142.250.186.130
142.250.186.161
142.250.186.40
142.250.186.66
142.250.186.97
142.250.74.195
151.139.128.10
157.240.201.15
157.240.252.35
162.19.138.119
162.19.138.83
172.217.133.167
172.217.16.130
172.217.16.131
172.217.18.106
172.67.159.162
178.250.1.3
178.250.7.13
18.172.153.124
18.195.246.49
18.238.243.129
18.66.127.127
18.66.202.223
18.66.218.75
18.66.97.25
184.175.83.79
185.64.189.112
192.104.183.109
2.20.217.188
216.239.32.3
216.239.34.36
216.58.206.34
216.58.206.42
216.58.206.46
216.58.212.162
23.32.184.192
3.160.212.72
3.215.72.221
3.65.41.111
34.102.146.192
34.120.133.55
34.223.74.168
34.241.2.182
34.96.70.87
35.71.131.137
37.252.171.53
46.228.174.115
50.16.31.29
52.209.147.201
52.46.155.104
52.85.242.83
54.197.229.45
54.76.57.143
67.220.228.201
69.173.144.137
69.173.144.139
69.173.144.165
74.125.111.134
95.101.149.233
99.86.159.40
99.86.8.175
01549885139728f060cdd5891523659dcb934c9ddc7154bedf6bb195a4cd211c
029b26f8121f14889b98ac012ec687039b9c5f3091e8245490eb8732f805e3ca
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
03aa80580b402aebc5e486b943a2da82ee76790993dfffc4f4a421592e2d6f57
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e9e2a54730b14b0b1428035793a435b80908dff97d12041475db03626b050b
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
0ab8ad22c008c1739653ca8c35b9e0e3074e70e09f73716466a0d981a6352255
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbb877b10c6b6a071b0eb507bbf5ed6dcf6ad2702cb430686ef963eb997580b
0dd308451bee19575d3290900c85b33f8efbff5775de1515ffdfcc93553f0c84
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e
0f84986cd37501551e51910f93ed011a5a0ca71eadd20b3618796212a89023fc
10d01d46df72e3d570ac99162113615d68fc823381fd319aa61e136fb255829d
12bf21c79afd1b745b995feab05907b5a6dd4c6e0c6bf081e6a062fd7159874f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
175cc2540ec2a4d8c4c883c174a65020447d152c96220b0347f1ec6c56ac308e
1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6
197d57973f476d5a90adbeb556aa75d0dd3b0de064773b87e9ac4315858a03a7
1cc0575bd745d49db9c22623993c7f06871ee1c0448209faf503609602f4b193
1cf9bd27d7d28a116c0c9f21e939dded96c4d0e8417c67c1deca041378db21f3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2b511d3f44c895e063c6aa0f6829d2809af3ee9ec13ddc514ea8d1e6d9fecece
2e22d2b0c82ef8e52f4b8efab90fe97ce91f7bfc71ef520009000b43a7aedaf5
2e85bef6daad2a4e58352f93881c671a125dbad6b1a787cf7afd31e28b97d278
30a97e877e58e281f6311f0e2d8d503ad4d4aa36ec36b08776fa9dfc7a45b668
30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3328bd9037407076ea9796475ce6b141b3123ebaaedbc56efdc43ee07cd43dc1
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d
3663e7471d7fff9b357d199e9cfdd2127aebb6ae050ffa83a23e1f171db5adf7
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
39b00afc50e6cf61ad42574c148855b12530cd34c4f7a5765d91e4e5d94fa270
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b4434a3d73ceb29679d423243d4a9bc611bef2798347d3a8245257a400799f9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403b2909c28a9ec15859414656330bb266efccf0a660631faa249fe3945c2971
41cecaa038154ac137aec8f90bb941a0dc641e6a661c0aebbb330b0213e23229
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
4369dba0d40345e88549c3e75afc75ab9b2b7eae4c5723f926d5910e9d87de87
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a96fa4f8b7be243cc0f92c4f877dfc84490eac8cba15ef27bbd4a1ae79c221
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
4ddd83effd6074abee838166695da6463438ba68e7956bbfa4d1ccf58b6a40c8
4f9957eeadbfde6ae44641d8d31c1ac89c347426bc02b4a6b03100c2e76e0554
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
50fbe9616388df1e7a91f703afacdbffeab1ff64df2838ac53527dbf265889a2
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5480b146acd3834e1ae343058731a655cb7d708e01727c910052e645b98ece3b
54b7ff8f4951395d3fbb3d680e91b814bb1c7d6fa779823f021547836a936008
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
589749731f4b75a4303d26b1e17dee3ad4685a12123a13255a8c6debd33b7fba
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5a8637ad045df67e5f877ca96c133ef97633ddd5eb99f22f27de7f11ec8853d1
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
5d7009e670cd9d02c099149b89663d102d1e4ef22d661ac0d85a28ace6c5d780
5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd
6124aae08ac375883ddc4cfe0b6502e6855da0d6f8213003aae315fa749a0e58
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
62fa775e491874d7e0eb6dc4293d4920d156c6d04eb9d2cbc62519115822ae44
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
633eaa5a97424418b0e0484f905744c4077492749d7c0c0dd2acc890267068f6
6348e8233c5667225c0983e99a6dd951d0b1691700dcc68ca0ff5db3e6647a3a
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a96f40edf674bec2e02e2f466a5c6f86ea97e857450831400bf74a799b64e0
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
676e0e6f7bc86b4026194972a4fc3545fcc8d907734ca93f4ca3de4d9e85483b
68cf129e93209a063b51097aa1b40c2a4149ba79a99f7e6d4d485623fe535b9f
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f3218520fb3b459db9dc11e59edcf65c53625e8df7e82a095d32f06fa83522d
6f4b09010b9b5b4a9f54313fe0c378c8d86bf79e9b4181d4b354dfc9a7d43cd5
7047164794eabb4ef86b71eafcad7b03c9e1aadbb2ee1010335e0912780320e1
71cdf373da799dc5fa4cb4f31dc6146449a049692ab75e893531944c82c36373
71f8a4b9e9bcfa836f956ca781c230632f86510b33ae8887042db3ee349c9dba
72d1bebed6bdd58b3e10eb56bc062975a68b86e703266974228b2f2c31c0f1eb
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73b0f4997b2773213ec1a214c972a996a8e62b6aa24633a0ed4c9cc1f3613c50
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
75a0730c134ecd15420801c19ff32782d9f4f98ff16fcf8de33467c2ce3f2f6b
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a5058aa7e0090827fb2c2e9816c697909bc88d06cf6f8191e6333e053a16ce6
7d14d434794d4b7d3ec2cd2a97263773a8dd35b8da5302fe99d3dfb604c6fb91
7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef
7f72abe30ee329d2267b4d235447ff3c2898132237ba8e0c6e18f5b1a8978b9f
7f84a292e0721d3de1fed900349151e455ca5a03561747a4d58088693729efa5
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82c6ab8263236632fff5b7a8ddb50041c22dd7694ef5d583faed34e484aaaed2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d284fd936c9436c0cb859f6122a2dbd49e32b6482608e8f7b55560d6419780
859aad130388e06a010aef6544f2388f59645b4ffeeb580665615256884390cd
866258ed4fb10a76634dc36a39641c59f865581add83d5816c5461a2a06f5d20
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
88d4f98d1321828d2c59ac968166e5a356ba6e08ded73cad6b38fe5e2bd25260
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
90d7ddb12d6b58867d1a7d87b765d74c4d3c16ce6974bb9b2c9989c6bf189861
90e730b1fa0b9e32904fe429040d0be24a9f4dd191bdf1f74e5d39aa9e96cde2
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
949707c119839bdedeeeb963c8badded3ad424efac94952ebdf30b85236708b5
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
95ad6a3c2d11d5a3c188ad7c06cb4cac712934b9302197cbfb0a1869a18d0b21
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
984b54f3d2d37cacbde9efbb1648d9614ff074d41de453b3303ef3e70a3986a5
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9ace690dc67b01e40a5cbccb6f2948cd1af206c0273cf259a4c31715d45f1d87
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
a14b740347514174b708ced6cc32d93df8b221477bcb8e596a56fbc996194c54
a1877b0614160be67154a711c4e67bc314c75bd78f1bb83415512beffbd4e3fe
a19ac37c1c0f4c355f2cafaada2424ee1d901d7c79cb9d54cf8760f0c21a1ab3
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1e3f3b50a2a88fcc561ea1dbebc36fe2c976581389b1fbf0952d8889ed35858
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a59df0e9bd45c2897db8be1409882ef4ebb7508ed14cd742c75160e5256f845e
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a99ab7cb2c846dc63dc21c00c8eab1f9bbae618ef4a3b2b648a86d9855f80b2f
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880
ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33206bcdd3dc06f5d13265b61a6afc0b61a09b366c9f7b84b7a869274dd2654
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
b4455371fc3773f5c1738b4aabd050eeb99bfb4c6278698a5e6f2fa3b99ebf43
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b953780d2801d207ae094b2a6bbee94399af2043eb8e473a6c89fdbb87a06ccd
ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02
ba17fd09032a40f1560ed2f3e82a3e587208b5c3d7d4bb290be556ec9dfe25b1
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f4a1449fff0e667a601b7c2a9a4e3dbe306903c3047b9d21b2f6a7b05ca2e5
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05
c6c2dadf2519b1a53072c243e563a27c55d28d46c8777856983f16b542d42b0f
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
ce4b865cf3629aa782468de4e0c9aa7dbd539d654d90c4779613f11d55a13d2e
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d116056b634cc079be08b15db6c5b9170cce422c939726aa39e629d2dddc73d7
d25b6f68b62ccf7af555bfafedb3d5a4764a5563ca6f13f5492593bc42091555
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2d5da788f85f6c7606a2ce6b73ffdc5bbae4f1c94718b3682e614317a97ed0d
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3
d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6f235c0ae26135f22383f4adf497677205319471b09ee53ab9d8b2b4a364fc7
d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
d98b03ac0c492d064f025a3071c62dc2cc700810479f0d70f4e40ff5d64f02b7
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcf66f5ef082d7fd5259bc85352f7ce595fa2bf76fd51c2aec0ff6cb91db43c0
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00c6ac4a08618cf6652f6f85a79aded49f44a64575a8e69672ef752b8c435dc
e06c1b5835373a277ddc9b512293612f0cd5cb5cd876ee5fa3ef7833c91f6864
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f50b0cae939f3b13520a85641d2e719dbe122ec0108f1cd19f061e056911e8
e6f9679b4a3f1b11233b36ccc9728ee7db25cffd51542ce046c82f1f368a6740
e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ecadd5e05e21cee2f29ac9136fc2dfa15269b78b8be566bae9f08a061f3422e5
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef19548345bd5acaadbc0b60bf299c0696e5f3c9706495818cf5532470711fce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
f09d2dd80be1f71530c872e2af69548c999924bb300f8b2bb0d416354d42d396
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
f2153bde5c6d6551519feebc9ee20ad074dc4ed6baa1f0d483792fc03a7c24dd
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672
f6a8e74bed77ce6685a87979a1a6fa75deac0194b365e9958361124cd8b88cf1
f9d8875c6c82fc0adee6bdb05aeadcda161b2736b33a730bc0034bf4877036f4
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e
fee9e8c68485f6334a60c758a03334f4b943623c777be24aa58b42429fcb565d

www.telegraphherald.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

375 Requests

95 %HTTPS

0 %IPv6

58 Domains

99 Subdomains

87 IPs

8 Countries

6645 kBTransfer

20234 kBSize

36 Cookies

53 Outgoing links

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.telegraphherald.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

95 %
HTTPS

0 %
IPv6

58
Domains

99
Subdomains

87
IPs

8
Countries

6645 kB
Transfer

20234 kB
Size

36
Cookies

375 HTTP transactions
10 data transactions