herald-review.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://herald-review.com/
Submission: On November 29 via manual (November 29th 2024, 11:36:14 am UTC) from DE — Scanned from DE

Summary HTTP 77 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 77 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is herald-review.com.
TLS certificate: Issued by WR1 on October 16th 2024. Valid for: 3 months.

This is the only time herald-review.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
41	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:3c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:ce00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.102.27 18.66.102.27	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
77	12

13 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net

herald-review.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:3c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ce00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-27.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26052	1 MB
13	herald-review.com 1 redirects herald-review.com	99 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	629 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5209	129 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2835	116 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	185 KB
2	gstatic.com www.gstatic.com	12 KB
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347	85 KB
77	8

	Domain	Requested by
41	bloximages.chicago2.vip.townnews.com	herald-review.com bloximages.chicago2.vip.townnews.com
13	herald-review.com	1 redirects herald-review.com
6	www.googletagmanager.com	herald-review.com cmp.osano.com
5	cmp.osano.com	herald-review.com cmp.osano.com
3	tagan.adlightning.com	herald-review.com cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	www.gstatic.com	herald-review.com
1	c.amazon-adsystem.com	herald-review.com
77	8

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
herald-review.obituaries.com
www.stringr.com
www.publicnoticeillinois.com
www.google.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
herald-review.com WR1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M02	`2024-09-17` - `2025-10-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://herald-review.com/
Frame ID: B3888E84DF07DBE921830216529BB439
Requests: 71 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 3A51B624293AA34A462EE53C27263BDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Herald & Review | Breaking News | Read Decatur, IL and Illinois breaking news. Get latest news, events and information on Illinois sports, weather, entertainment and lifestyles.

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

92 %
HTTPS

27 %
IPv6

8
Domains

8
Subdomains

12
IPs

3
Countries

2447 kB
Transfer

6419 kB
Size

1
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=herald-review.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fherald-review.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 3 months

Search URL Search Domain Scan URL

URL: https://herald-review.obituaries.com/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=herald-review
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xl8qBvjUDG_
Title: Share video

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/search.aspx?paperid=390
Title: Public Notice

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/PaymentPagePromo.aspx?Domain=herald-review.com
Title: Gift Subscription

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=herald-review.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1173%20FURLONG%20DR.%2BLibertyville%2BIL%2B60048
Title: 1173 FURLONG DR., Libertyville, IL 60048

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1204%20GARFIELD%20AVE%2BCharleston%2BIL%2B61920
Title: 1204 GARFIELD AVE, Charleston, IL 61920

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//107%20S.%20MAIN%2BEUREKA%2BIL%2B61530
Title: 107 S. MAIN, EUREKA, IL 61530

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://herald-review.com/tncms/csrf/token/ HTTP 302
https://herald-review.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MzI4ODA0NjgsImlhdCI6MTczMjg4MDE2OCwicmVkaXJlY3QiOiIvdG5jbXMvY3NyZi90b2tlbi8iLCJzZXJ2aWNlIjoiX2xiX3JhdGVfZm9yZWlnbiIsInNpdGUiOiJoZXJhbGQtcmV2aWV3LmNvbSJ9.ROYJdUhgLCFf1q4Ae5ZRn-S8zgZMMOImRtXVtrzw0qw

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
herald-review.com/ 434 KB
56 KB 768ms
280ms Document
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.us-midwest-1.vip.tn-cloud.net

Software

Resource Hash

da9979426639576f9c4b85f3852dda82906618676ce654d33ce2dd8c25f3b774

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 9999
cache-control: public, max-age=10
content-encoding: gzip
content-length: 54943
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 08:49:27 GMT
etag: W/6348a37f1dc096fff36255b8483f44a1
last-modified: Fri, 29 Nov 2024 08:49:27 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.83.3; app4; 0.46s; 5.9M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://herald-review.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 152ms
77ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
age: 16544
expires: Thu, 13 Mar 2025 15:39:09 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a66e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
herald-review.com/shared-content/art/tncms/user/ 4 KB
2 KB 141ms
140ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-ee3"
age: 8
accept-ranges: bytes
content-length: 1658
date: Fri, 29 Nov 2024 11:35:59 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 154ms
78ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
age: 16544
expires: Thu, 13 Mar 2025 16:52:07 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a64e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 149ms
73ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66316805-841f"
age: 16544
expires: Fri, 16 May 2025 22:41:17 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Tue, 30 Apr 2024 21:52:05 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a62e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 148ms
73ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654cfaf0-2d77"
age: 2934924
expires: Wed, 27 Nov 2024 07:36:23 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Thu, 09 Nov 2023 15:29:52 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a60e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.0758030105fdd3a70dff03f4da4530e2.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 153ms
78ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6707d183-1166"
age: 2934924
expires: Wed, 15 Oct 2025 19:01:12 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Oct 2024 13:07:15 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a71e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1636
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 152ms
77ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d97d2-9b8"
age: 2934924
expires: Mon, 30 Jun 2025 02:49:38 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Jun 2024 16:48:18 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a6fe504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 118ms
45ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66920-1ac2e"
age: 16544
expires: Thu, 13 Mar 2025 19:25:44 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5949bce504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 118ms
44ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f1b7c5-26de1"
age: 847441
expires: Wed, 01 Oct 2025 19:01:40 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2024 18:47:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959cce504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34470
server: cloudflare

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
20 KB 116ms
43ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1732694447

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6746d1af-187ab"
age: 171047
expires: Thu, 27 Nov 2025 08:06:52 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 08:00:47 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959c8e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20739
server: cloudflare

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 115ms
42ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-183e"
age: 2934924
expires: Thu, 13 Mar 2025 18:00:17 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959c6e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1979
server: cloudflare

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
2 KB 215ms
142ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-12c4"
expires: Thu, 13 Mar 2025 15:40:12 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5949c2e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1376
server: cloudflare

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 426 KB
91 KB 151ms
55ms Script
application/javascript 2600:9000:223c:3c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

22df440276ff65997f69631be302f9a7f9385225b82a5b2ad1ae1818ba7cb019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
etag: "0ca2090488ecdcb36890cce853a22c25"
age: 13630
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: atKgCBrWg9rlgz9Y6Qs8LZKlalsGe5sVvxJ9LTbeW53MA667z3fIaA==
date: Fri, 29 Nov 2024 07:48:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 11 Nov 2024 20:14:44 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
content-length: 92656
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: CloudFront

GET
H2 200 csrf.js Show response
herald-review.com/shared-content/art/tncms/api/ 940 B
762 B 141ms
134ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://herald-review.com
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-3ac"
age: 52
accept-ranges: bytes
content-length: 537
date: Fri, 29 Nov 2024 11:35:15 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
herald-review.com/shared-content/art/tncms/api/ 71 KB
29 KB 152ms
145ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://herald-review.com
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67214290-11c3d"
age: 8
accept-ranges: bytes
content-length: 29787
date: Fri, 29 Nov 2024 11:35:59 GMT
last-modified: Tue, 29 Oct 2024 20:16:16 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 136ms
45ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f4218dbb17ff2c3421282ef9135e5375"
age: 2384
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: RQNO9f1XeO9iN7sIluEzxs4NpWoYMyn85swpBFHaaQ8sZYhWtBiSPQ==
date: Fri, 29 Nov 2024 10:56:24 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 herald-review.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 1 KB
644 B 238ms
166ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/herald-review.com.v2.js?_dc=1732870167

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32edfb918f921761c1f10afd387a65a977d9550d494979588c6f28b60ebbdecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674958af-471"
expires: Sat, 29 Nov 2025 11:36:07 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Fri, 29 Nov 2024 06:01:19 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959d3e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 512
server: cloudflare

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 41 KB
13 KB 226ms
154ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66923-a55f"
expires: Thu, 13 Mar 2025 15:40:12 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:35 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959d0e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12674
server: cloudflare

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
2 KB 41ms
41ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f1b7c1-dbe"
age: 16545
expires: Thu, 02 Oct 2025 04:38:51 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Mon, 23 Sep 2024 18:47:29 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b29a6e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1322
server: cloudflare

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 39ms
37ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2d-1baf"
age: 2934924
expires: Sat, 27 Sep 2025 00:05:55 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:05 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b5a87e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2388
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 93ms
40ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
age: 158011
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:42:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:42:37 GMT
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3945
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
8 KB 96ms
44ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
age: 177233
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 10:22:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 10:22:15 GMT
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8653
x-xss-protection: 0
server: sffe

GET
H2 200 messaging662.js Show response
herald-review.com/shared-content/art/tncms/api/ 2 KB
1 KB 145ms
143ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/tncms/api/messaging662.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-9ce"
age: 261
accept-ranges: bytes
content-length: 891
date: Fri, 29 Nov 2024 11:31:47 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
322 B 144ms
73ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66924-cf"
age: 16544
expires: Thu, 13 Mar 2025 16:55:27 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:36 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5959cde504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
herald-review.com/shared-content/art/tncms/ 3 KB
1 KB 152ms
146ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/tncms/tracking.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-a3a"
age: 61
accept-ranges: bytes
content-length: 1157
date: Fri, 29 Nov 2024 11:35:06 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 prebid9.18.0.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 254 KB
98 KB 176ms
104ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid9.18.0.js?_dc=1732608048

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f62065769ce7d8df88cc0d6357889ac8b8aef08d565d2773cfaf2a10e45c129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67458030-3f75c"
age: 214929
expires: Wed, 26 Nov 2025 08:05:57 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Tue, 26 Nov 2024 08:00:48 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a6ce504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 100156
server: cloudflare

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 148ms
76ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1732694447

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6746d1af-2c45"
age: 171047
expires: Thu, 27 Nov 2025 09:16:53 GMT
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: application/x-javascript
last-modified: Wed, 27 Nov 2024 08:00:47 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c597a6ae504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3556
server: cloudflare

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 44ms
43ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
age: 2934924
expires: Wed, 17 Sep 2025 19:01:14 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b5a8ce504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H2 200 tracker.js Show response
herald-review.com/shared-content/art/stats/common/ 9 KB
3 KB 181ms
175ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/shared-content/art/stats/common/tracker.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66f6f794-2200"
age: 2
accept-ranges: bytes
content-length: 3224
date: Fri, 29 Nov 2024 11:36:05 GMT
last-modified: Fri, 27 Sep 2024 18:21:08 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 af541b54-adec-11eb-896b-5781f6341fff.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/custom/image/ 4 KB
4 KB 61ms
60ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/custom/image/af541b54-adec-11eb-896b-5781f6341fff.png

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfc765ed991babc7bb638e9a20071e4a5857eea307a03224d7916b3e3f0280d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "60931473-1157"
age: 2934923
cf-cache-status: HIT
expires: Wed, 22 Oct 2025 22:00:45 GMT
cf-polished: origFmt=png, origSize=4439
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: image/webp
content-disposition: inline; filename="af541b54-adec-11eb-896b-5781f6341fff.webp"
vary: Accept
last-modified: Wed, 05 May 2021 21:56:03 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c599adbe504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3946
server: cloudflare

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 49ms
48ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "551dba72-e1a"
age: 2934922
cf-cache-status: HIT
expires: Thu, 23 Oct 2025 17:29:46 GMT
cf-polished: origFmt=png, origSize=3610
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="user_no_avatar.webp"
vary: Accept
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b5a8fe504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 978
server: cloudflare

GET
H2 200 newsplus_white.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 59ms
58ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1732694447

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6746d1af-2106"
age: 171043
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 08:06:19 GMT
cf-polished: origFmt=png, origSize=8454
date: Fri, 29 Nov 2024 11:36:07 GMT
content-type: image/webp
content-disposition: inline; filename="newsplus_white.webp"
vary: Accept
last-modified: Wed, 27 Nov 2024 08:00:47 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c599ae0e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4248
server: cloudflare

GET
H2 200 logo-tagline.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 41ms
39ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1732694447

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6746d1af-2ac5"
age: 16545
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 18:35:12 GMT
cf-polished: origFmt=png, origSize=10949
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="logo-tagline.webp"
vary: Accept
last-modified: Wed, 27 Nov 2024 08:00:47 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5a0cd3e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5302
server: cloudflare

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 14 KB
7 KB 148ms
43ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad20b4f7eaa1022aa64a533fc871f9331b3a19409f2171b0d1d8a17fc800dec0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
x-amz-version-id: TKX9nGoyT7JV2F5T0B6_fkTFbV5.JKON
etag: "9e3244ac1fa6904ba6ab7efe6e923bf8"
age: 3571
x-cache: Hit from cloudfront
x-amz-cf-id: _YOCexZRFSWt_LIzPG4MofIDDJWYMwTHWQMjnn1pQXQaIaY07t5FDg==
date: Fri, 29 Nov 2024 10:36:38 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Fri, 29 Nov 2024 06:32:12 GMT
cache-control: max-age=3600
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6589
x-amz-meta-git_commit: bde0e05
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 herald-review.com.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 3 KB
793 B 50ms
50ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/herald-review.com.js?_dc=1732608048

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06a9faa31bdcd1ab6350960d12a3fa342621a37e78b5e75442b8a60bfcec8311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67458030-d34"
age: 214928
expires: Wed, 26 Nov 2025 08:05:57 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Tue, 26 Nov 2024 08:00:48 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5a5e2ee504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 704
server: cloudflare

GET
H2 200 dfp.lazy.ozone.js Show response
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 20 KB
6 KB 45ms
45ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.ozone.js?_dc=1732608048

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a270d213a735654c6d43d3fd0233118be60a0afef18ff34b965c075ecdbcf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67458030-50a7"
age: 214928
expires: Wed, 26 Nov 2025 08:05:57 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/x-javascript
last-modified: Tue, 26 Nov 2024 08:00:48 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b29a1e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5578
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
78 KB 141ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5818fd4b5c718395b7f55d4a2729c698f4d9ae33d179d3e790a7c4d285101951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79642
x-xss-protection: 0
server: Google Tag Manager

GET 05cedbd4-6f19-40d9-80e8-f22fd6977f66
https://herald-review.com/ Frame 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 148ms
57ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c911441bbf7d25f2e02f97b08263a534966fe7f7ba3e4a3e864846abfabda70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
etag: 287 / 20056 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33812
x-xss-protection: 0
server: cafe

GET
H2 200 tracker.gif
herald-review.com/shared-content/art/stats/common/ 0
145 B 140ms
140ms Image
image/gif 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herald-review.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1732880168229808016001200189485582023&tnms_dt=Herald%20%26%20Review%20%7C%20Breaking%20News%20%7C%20Read%20Decatur%2C%20IL%20and%20Illinois%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Illinois%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles.&tnms_upage=1&tnms_do=herald-review.com&tnms_uri=/&tnms_ref=&rt=1732880168230
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: MISS
cache-control: no-cache, no-store
etag: "48f79fed-0"
age: 0
accept-ranges: bytes
content-length: 0
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/gif
last-modified: Thu, 16 Oct 2008 20:11:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 592 KB
154 KB 188ms
134ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d75ce141962487f9422ffac48c3e31323c46eaf1a3a337402f8229ce67409e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 157222
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 holiday-banner-2024.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 31 KB
31 KB 50ms
50ms Image
image/png 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/holiday-banner-2024.png?_dc=1

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6656379867d22fd89b1ce0f37825452ad98e50ff3b0493ac94fa9aa8c76da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6746d1af-fe9f"
age: 16545
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 08:04:46 GMT
cf-polished: origSize=65183, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/png
last-modified: Wed, 27 Nov 2024 08:00:47 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5b9b72e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31607
server: cloudflare

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 106ms
39ms Font
application/font-woff2 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1732694447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://herald-review.com
Referer: https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1732694447

Response headers

x-robots-tag: noarchive
cf-cache-status: HIT
etag: "65fd2c9c-6634"
age: 2934923
expires: Mon, 24 Mar 2025 05:30:44 GMT
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/font-woff2
last-modified: Fri, 22 Mar 2024 07:00:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5c5adfe52b-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26164
server: cloudflare

GET
H2 200 b-bde0e05-a31c1d91.js Show response
tagan.adlightning.com/leeenterprises/ 73 KB
27 KB 48ms
47ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-bde0e05-a31c1d91.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae430a258ffde47a171258a1656d9c05d184bb95be9a89e331c6e6a50276117

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
etag: "5c6b86c4d2321f349148adf02b0546d4"
x-amz-version-id: rbp0uFbJnECSpK.o.xqEX.XBrh5lX2ZH
age: 1971623
x-cache: Hit from cloudfront
x-amz-cf-id: W8wx-R4BTdaWDLji4qd7_MdbZAJcS21CjGnkJU9qu4V1o3FR4ohoDw==
date: Wed, 06 Nov 2024 15:55:46 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 15:55:09 GMT
cache-control: max-age=31536000
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 27274
x-amz-meta-git_commit: bde0e05
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bl-d40ceed-f75d1ea5.js Show response
tagan.adlightning.com/leeenterprises/ 228 KB
82 KB 41ms
41ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-d40ceed-f75d1ea5.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e45726f29afe3cf2fd206b1cf701091da4d5a6bd0452211df80bbfc0291d3887

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: gzip
etag: "3f175abdddb9668a4b303a9d2d93a96c"
x-amz-version-id: nHLVAKEi3fSmqYl4dlshtNWhotCFTnD1
age: 18030
x-cache: Hit from cloudfront
x-amz-cf-id: 7hOVMHryNmix537yvP6OFa177Iq6ehsWazQanfwBaav5Rd53gEZCXQ==
date: Fri, 29 Nov 2024 06:35:39 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 06:32:00 GMT
cache-control: max-age=31536000
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 83605
x-amz-meta-git_commit: d40ceed
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
cmp.osano.com/ Frame 3A51 0
0 122ms
41ms Document
text/html 2600:9000:223c:ce00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:ce00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herald-review.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 30114
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Fri, 29 Nov 2024 03:14:15 GMT
etag: W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified: Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding Origin
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id: EcMJrTk8sJfrB55e6dQR1zJZM84skjm5qTsiU4ivdio4gZb89ooSmQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 371ms
326ms Preflight 18.66.102.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.102.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-27.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://herald-review.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 29 Nov 2024 11:36:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-id: pTPkcmqFZJnALJQ0TincVe3rp42ZwW8hppVxTPgS2fahT_nYVNWWGQ==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 101 KB
26 KB 43ms
42ms Script
application/javascript 2600:9000:223c:3c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

48af5d9ed16d117848118b9945ee5383025d8c9d0e1437037267f54a5f8bb5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
x-amz-version-id: IyWvuliR.6Rhu.7zxAgG9pUuvcL02h36
etag: W/"9e767e1f14dbe8559610a67f76ae4cd2"
age: 25323
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: dWGHwmg2W_1wkh_ZSmQTCctsRfsyNCev_Kvew4BV0yJzGbo9GjOqXw==
date: Fri, 29 Nov 2024 04:35:11 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Mon, 11 Nov 2024 20:14:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 35 KB
11 KB 48ms
48ms XHR
application/json 18.66.102.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.102.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-27.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herald-review.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: *
content-encoding: br
x-amz-version-id: mVYwpPsTzIiqf2FWin1SKEJXfGsRcTw.
etag: W/"fb63007425642594f63868fb87ab3810"
age: 20775
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ItFCj07arLp9xWR9CDsZtF9vJ6UySDCAhoG_F0mtpqWYxIZILd8-Wg==
date: Fri, 29 Nov 2024 05:49:54 GMT
content-type: application/json
vary: accept-encoding
last-modified: Mon, 11 Nov 2024 20:14:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

challenge Show response
herald-review.com/_services/v1/client_captcha/
Redirect Chain

https://herald-review.com/tncms/csrf/token/
https://herald-review.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MzI4ODA0NjgsImlhdCI6MTczMjg4MDE2OCwicmVkaXJlY3QiOiIvdG5jbXMvY3NyZi90b2tlbi8i...

3 KB
3 KB

141ms
141ms

Fetch
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MzI4ODA0NjgsImlhdCI6MTczMjg4MDE2OCwicmVkaXJlY3QiOiIvdG5jbXMvY3NyZi90b2tlbi8iLCJzZXJ2aWNlIjoiX2xiX3JhdGVfZm9yZWlnbiIsInNpdGUiOiJoZXJhbGQtcmV2aWV3LmNvbSJ9.ROYJdUhgLCFf1q4Ae5ZRn-S8zgZMMOImRtXVtrzw0qw
Requested by: Host: herald-review.com
URL: https://herald-review.com/
Protocol: H2
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 20950ad7a08740975a61a92def1a42146143e61a8e957bb7c08013224999330d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

cache-control: no-cache
content-length: 3169
date: Fri, 29 Nov 2024 11:36:08 GMT
age: 0
content-type: text/html; charset=utf-8

Redirect headers

cache-control: no-cache, no-store
location: /_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MzI4ODA0NjgsImlhdCI6MTczMjg4MDE2OCwicmVkaXJlY3QiOiIvdG5jbXMvY3NyZi90b2tlbi8iLCJzZXJ2aWNlIjoiX2xiX3JhdGVfZm9yZWlnbiIsInNpdGUiOiJoZXJhbGQtcmV2aWV3LmNvbSJ9.ROYJdUhgLCFf1q4Ae5ZRn-S8zgZMMOImRtXVtrzw0qw
content-length: 17
date: Fri, 29 Nov 2024 11:36:08 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 40ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 8305
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 09:17:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 29 Nov 2024 09:17:43 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 6748caafea945.preview.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/5/ca/5caf5d68-ace5-11ef-9a82-f370d1888d77/ 408 KB
409 KB 146ms
144ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/5/ca/5caf5d68-ace5-11ef-9a82-f370d1888d77/6748caafea945.preview.png?crop=910%2C512%2C9%2C35&resize=750%2C422&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19ce24e43dbc4da87d0053d134e94cabe14499bde737a772bd9114d08b6c7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "12b985850731c2a145d0872a12ad6e56"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 20:02:59 GMT
cf-polished: origFmt=png, origSize=605740
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="6748caafea945.webp"
vary: Accept
last-modified: Thu, 28 Nov 2024 19:55:32 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf935e504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6748a106776c4.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/4/e2/4e2fcac6-ada2-11ef-8b66-679558748dbf/ 16 KB
16 KB 155ms
153ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/4/e2/4e2fcac6-ada2-11ef-8b66-679558748dbf/6748a106776c4.preview.jpg?crop=1662%2C935%2C0%2C156&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79080e9534649e0ed69cc51aac65aae753255edc8453b990beccc21986e94557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "e307d0dc9543e8c8cbbdb577127f8b31"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 18:37:40 GMT
cf-polished: degrade=85, origSize=16354, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 16:57:43 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf938e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16134
server: cloudflare

GET
H2 200 6748819bee9dc.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/1/c3/1c3b7798-ad95-11ef-8148-5b47eca2673c/ 8 KB
8 KB 147ms
145ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/1/c3/1c3b7798-ad95-11ef-8148-5b47eca2673c/6748819bee9dc.preview.jpg?crop=1120%2C630%2C39%2C0&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da2fc5239ad006563bc50fc490316a72826b549000d0be2ae3c852e6ecbc9e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "847b3842e9bc06f1a16d560fd7d1e9f8"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 15:03:51 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=8800
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="6748819bee9dc.webp"
vary: Accept
last-modified: Thu, 28 Nov 2024 14:43:41 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf93ce504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8048
server: cloudflare

GET
H2 200 674603538f225.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/51/251d1c64-ac18-11ef-b729-9f7c3d26f9e3/ 9 KB
9 KB 144ms
142ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/51/251d1c64-ac18-11ef-b729-9f7c3d26f9e3/674603538f225.preview.jpg?crop=300%2C169%2C0%2C65&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b95a2600cd05cde77a15cd3356017581d00d67d8ef4859b9e9201f70e80b66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "4e912a067ae88c4deede200b957c6ebf"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 15:03:50 GMT
cf-polished: origSize=10105, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 17:20:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf93fe504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9277
server: cloudflare

GET
H2 200 674793295a691.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/e/65/e65f8602-acf2-11ef-8bdd-4be4ff51e6b8/ 17 KB
17 KB 144ms
143ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/e/65/e65f8602-acf2-11ef-8bdd-4be4ff51e6b8/674793295a691.preview.jpg?crop=1821%2C1024%2C0%2C56&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d10065df5d2ccccede7da78e1ce0506fd927435ed9c47dc8259a13240854f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "5216b43cd2f325bb665b538285bbf76b"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 14:02:12 GMT
cf-polished: degrade=85, origSize=20425, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 21:46:20 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf942e504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6748784d6b3fb.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/7/ea/7ea20c88-4c47-5b3b-b878-36c1a9e114ad/ 4 KB
4 KB 162ms
161ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/7/ea/7ea20c88-4c47-5b3b-b878-36c1a9e114ad/6748784d6b3fb.preview.jpg?crop=1069%2C601%2C7%2C174&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35aa59a38a522a657bb0c9cae201d694f799615b3c073ff93c302dacc6d46d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "8eb483e9b52417815cd4fd4c6e92f320"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 14:08:27 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=5424
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="6748784d6b3fb.webp"
vary: Accept
last-modified: Thu, 28 Nov 2024 14:04:01 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf943e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3994
server: cloudflare

GET
H2 200 67476410ddbdc.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/a/24/a24d80b0-aceb-11ef-99bf-03f181f99b66/ 9 KB
9 KB 147ms
147ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/a/24/a24d80b0-aceb-11ef-99bf-03f181f99b66/67476410ddbdc.preview.jpg?crop=1906%2C1072%2C13%2C0&resize=300%2C169&order=crop%2Cresize

Requested by

Host: herald-review.com
URL: https://herald-review.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f0552840fe49bb7db23266c2c192ffcb6be83ee974e64cd82980475c42b741f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "0893207fa747602bef5548389246f37e"
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 19:03:21 GMT
cf-polished: origSize=10072, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 18:25:21 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5cf945e504-TXL
access-control-allow-origin: *
server: cloudflare

GET e3009c73-9c5d-49a6-bbf7-c22449708a25
https://herald-review.com/ Frame 0
0

GET 25e41d08-70c5-4e00-bc60-3c19d42d51ce
https://herald-review.com/ Frame 0
0

GET 76d1a371-d819-4cc6-b981-fa46440c7129
https://herald-review.com/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
77 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ca6a56832b65437119b7d7b9548ff4c73f3cf3386e26493bbee6b6a3346cfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78363
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
86 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca3e498177bac3ba0d8b298c45b79ec7d32a984e7065425c2dc22970f1bc53e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88055
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 icon.ico
herald-review.com/content/tncms/site/ 1 KB
2 KB 141ms
141ms Other
image/x-icon 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 132763f9451bd1c660b1cba3a1eacde97a4909f7b83098ff1fceee39346aa2c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=43200
etag: "59418b57-57e"
age: 42340
accept-ranges: bytes
content-length: 1406
date: Thu, 28 Nov 2024 23:50:28 GMT
last-modified: Wed, 14 Jun 2017 19:15:35 GMT
content-type: image/x-icon

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 402 KB
130 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPWXBW8EKF&l=dataLayer&cx=c&gtm=45He4bk0v6749731za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e96897e862316ee4bcdeed0e99ee2c915579d8078c92d75af0146e76d21f5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132713
x-xss-protection: 0
server: Google Tag Manager

GET 4bf995d7-0176-4331-a020-a9a2d6c525dc
https://herald-review.com/ Frame 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
104 KB 50ms
50ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

025a3596197f8fb7a727c6d0aeb584b78df1976e4befbd1b99b55083f2c15b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 11:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106511
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 67487ea6082b2.image.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/f/e5/fe55ecce-3e93-5141-a630-e95920055dfb/ 21 KB
21 KB 134ms
133ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/f/e5/fe55ecce-3e93-5141-a630-e95920055dfb/67487ea6082b2.image.jpg?resize=400%2C225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de5a956c69172417efe4b6db0b5238f993eca55774ba314c6c36e4beb3b62af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "64898e2c00073aaca0affccd518ec898"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 14:37:31 GMT
cf-polished: origSize=22173, status=webp_bigger
date: Fri, 29 Nov 2024 11:36:09 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 14:31:02 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbce4e504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 67480b357eb85.preview.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/9/b4/9b4ce92b-ebd6-57e3-87c4-ad21876f6e58/ 43 KB
43 KB 154ms
153ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/9/b4/9b4ce92b-ebd6-57e3-87c4-ad21876f6e58/67480b357eb85.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "9652281cbd9d7ba2a5ef5167e0e1b933"
cf-cache-status: HIT
expires: Sat, 29 Nov 2025 06:36:54 GMT
cf-polished: origFmt=png, origSize=76405
date: Fri, 29 Nov 2024 11:36:09 GMT
content-type: image/webp
content-disposition: inline; filename="67480b357eb85.webp"
vary: Accept
last-modified: Thu, 28 Nov 2024 06:18:29 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbcece504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6748078a0dc75.preview.jpg
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/d/92/d9261e59-4bb2-5a98-80b0-ee721af4dad0/ 15 KB
16 KB 150ms
149ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/d/92/d9261e59-4bb2-5a98-80b0-ee721af4dad0/6748078a0dc75.preview.jpg?crop=1810%2C1018%2C0%2C63&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "1c354444f3071b1083bdc66b27a2373e"
cf-cache-status: HIT
expires: Fri, 28 Nov 2025 09:46:58 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=18793
date: Fri, 29 Nov 2024 11:36:09 GMT
content-type: image/webp
content-disposition: inline; filename="6748078a0dc75.webp"
vary: Accept
last-modified: Thu, 28 Nov 2024 06:02:50 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbceee504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 64c0a91919688.image.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/4/06/406c61ac-c1b1-5dc0-8a9d-da7056ec8567/ 15 KB
15 KB 46ms
45ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/4/06/406c61ac-c1b1-5dc0-8a9d-da7056ec8567/64c0a91919688.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "fa9b0bf9d4ca459d33e7ca3323aa3a96"
age: 159245
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 22:14:31 GMT
cf-polished: origFmt=png, origSize=18483
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="64c0a91919688.webp"
vary: Accept
last-modified: Wed, 26 Jul 2023 05:03:21 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbcf1e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15462
server: cloudflare

GET
H2 200 6581351874fcc.image.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/47/24783a7b-9424-525b-9077-2f61bed74326/ 82 KB
82 KB 41ms
41ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/47/24783a7b-9424-525b-9077-2f61bed74326/6581351874fcc.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "9154cb961b9b278bec71116edf9bdd18"
age: 159245
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 21:52:52 GMT
cf-polished: origFmt=png, origSize=109875
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="6581351874fcc.webp"
vary: Accept
last-modified: Tue, 19 Dec 2023 06:15:53 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbcf4e504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 63d8b26014b09.image.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/8/74/8744f51e-e66f-5cfb-be83-27e234e17bd8/ 59 KB
59 KB 39ms
38ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/8/74/8744f51e-e66f-5cfb-be83-27e234e17bd8/63d8b26014b09.image.png?crop=600%2C338%2C0%2C13&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb9ec628a3a88428ab0dd29413e716c930932b4175133aaaf33a9a69d6332da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "b7027a00cf5a4ea0b4e8314125e2b0e7"
age: 159245
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 07:10:43 GMT
cf-polished: origFmt=png, origSize=119630
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="63d8b26014b09.webp"
vary: Accept
last-modified: Tue, 31 Jan 2023 06:17:04 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbcf6e504-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6487ff24edf59.image.png
bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/ef/2ef2acfd-b6e4-59ab-ac1f-425ee1d13e2e/ 19 KB
20 KB 43ms
43ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/herald-review.com/content/tncms/assets/v3/editorial/2/ef/2ef2acfd-b6e4-59ab-ac1f-425ee1d13e2e/6487ff24edf59.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "46be10c7d2558b8b95e8a66cb4542348"
age: 159245
cf-cache-status: HIT
expires: Mon, 10 Nov 2025 06:11:27 GMT
cf-polished: origFmt=png, origSize=23331
date: Fri, 29 Nov 2024 11:36:08 GMT
content-type: image/webp
content-disposition: inline; filename="6487ff24edf59.webp"
vary: Accept
last-modified: Tue, 13 Jun 2023 05:31:17 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ea24c5fbcf8e504-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19912
server: cloudflare

POST
H2 200 /
herald-review.com/tncms/tracking/classifieds/featured/ 0
152 B 144ms
143ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/tncms/tracking/classifieds/featured/?i=75dfbbc8-9268-5580-a555-16d13657e52d,
Requested by: Host: herald-review.com
URL: https://herald-review.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: MISS
cache-control: s-maxage=0, private, no-cache
content-length: 0
real-hostname: herald-review.com
date: Fri, 29 Nov 2024 11:36:09 GMT
age: 0
content-type: application/octet-stream

POST
H2 200 /
herald-review.com/tncms/tracking/business/block/ 0
152 B 142ms
142ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://herald-review.com/tncms/tracking/business/block/?i=b11b7721-b97b-59b9-a22c-22a7ecd8f125,803a8b14-ae59-59b6-ad4d-64889a3fc0c1,2ac998ad-730e-5d32-9725-2e39252461be,
Requested by: Host: herald-review.com
URL: https://herald-review.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://herald-review.com/

Response headers

x-vcache: MISS
cache-control: s-maxage=0, private, no-cache
content-length: 0
real-hostname: herald-review.com
date: Fri, 29 Nov 2024 11:36:09 GMT
age: 0
content-type: application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: herald-review.com
URL: blob:https://herald-review.com/05cedbd4-6f19-40d9-80e8-f22fd6977f66

Domain: herald-review.com
URL: blob:https://herald-review.com/e3009c73-9c5d-49a6-bbf7-c22449708a25

Domain: herald-review.com
URL: blob:https://herald-review.com/25e41d08-70c5-4e00-bc60-3c19d42d51ce

Domain: herald-review.com
URL: blob:https://herald-review.com/76d1a371-d819-4cc6-b981-fa46440c7129

Domain: herald-review.com
URL: blob:https://herald-review.com/4bf995d7-0176-4331-a020-a9a2d6c525dc

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			herald-review.com/	1970-01-21 01:22:01	Name: lee-holiday-banner Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cmp.osano.com
herald-review.com
securepubads.g.doubleclick.net
tagan.adlightning.com
www.googletagmanager.com
www.gstatic.com
herald-review.com
104.16.132.24
108.138.3.93
142.250.185.136
142.250.185.66
142.250.185.67
18.66.102.27
18.66.147.119
192.104.182.209
2600:9000:223c:3c00:3:b7e:8940:93a1
2600:9000:223c:ce00:3:b7e:8940:93a1
2a00:1450:4001:82b::2008
025a3596197f8fb7a727c6d0aeb584b78df1976e4befbd1b99b55083f2c15b09
06a9faa31bdcd1ab6350960d12a3fa342621a37e78b5e75442b8a60bfcec8311
0f62065769ce7d8df88cc0d6357889ac8b8aef08d565d2773cfaf2a10e45c129
132763f9451bd1c660b1cba3a1eacde97a4909f7b83098ff1fceee39346aa2c4
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f
1f0552840fe49bb7db23266c2c192ffcb6be83ee974e64cd82980475c42b741f
20950ad7a08740975a61a92def1a42146143e61a8e957bb7c08013224999330d
22df440276ff65997f69631be302f9a7f9385225b82a5b2ad1ae1818ba7cb019
24a270d213a735654c6d43d3fd0233118be60a0afef18ff34b965c075ecdbcf7
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2ca6a56832b65437119b7d7b9548ff4c73f3cf3386e26493bbee6b6a3346cfd5
32edfb918f921761c1f10afd387a65a977d9550d494979588c6f28b60ebbdecf
3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd
35aa59a38a522a657bb0c9cae201d694f799615b3c073ff93c302dacc6d46d2e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3de5a956c69172417efe4b6db0b5238f993eca55774ba314c6c36e4beb3b62af
3e96897e862316ee4bcdeed0e99ee2c915579d8078c92d75af0146e76d21f5e6
48af5d9ed16d117848118b9945ee5383025d8c9d0e1437037267f54a5f8bb5c8
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b95a2600cd05cde77a15cd3356017581d00d67d8ef4859b9e9201f70e80b66f
4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
5818fd4b5c718395b7f55d4a2729c698f4d9ae33d179d3e790a7c4d285101951
5cb9ec628a3a88428ab0dd29413e716c930932b4175133aaaf33a9a69d6332da
5cfc765ed991babc7bb638e9a20071e4a5857eea307a03224d7916b3e3f0280d
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
79080e9534649e0ed69cc51aac65aae753255edc8453b990beccc21986e94557
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f
9d10065df5d2ccccede7da78e1ce0506fd927435ed9c47dc8259a13240854f00
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
ad20b4f7eaa1022aa64a533fc871f9331b3a19409f2171b0d1d8a17fc800dec0
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c911441bbf7d25f2e02f97b08263a534966fe7f7ba3e4a3e864846abfabda70b
ca3e498177bac3ba0d8b298c45b79ec7d32a984e7065425c2dc22970f1bc53e1
ca6656379867d22fd89b1ce0f37825452ad98e50ff3b0493ac94fa9aa8c76da3
cae430a258ffde47a171258a1656d9c05d184bb95be9a89e331c6e6a50276117
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d19ce24e43dbc4da87d0053d134e94cabe14499bde737a772bd9114d08b6c7fe
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d75ce141962487f9422ffac48c3e31323c46eaf1a3a337402f8229ce67409e7f
da2fc5239ad006563bc50fc490316a72826b549000d0be2ae3c852e6ecbc9e26
da9979426639576f9c4b85f3852dda82906618676ce654d33ce2dd8c25f3b774
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45726f29afe3cf2fd206b1cf701091da4d5a6bd0452211df80bbfc0291d3887
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

herald-review.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

92 %HTTPS

27 %IPv6

8 Domains

8 Subdomains

12 IPs

3 Countries

2447 kBTransfer

6419 kBSize

1 Cookies

13 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

herald-review.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

92 %
HTTPS

27 %
IPv6

8
Domains

8
Subdomains

12
IPs

3
Countries

2447 kB
Transfer

6419 kB
Size

1
Cookies

77 HTTP transactions
1 data transactions