heraldcourier.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tri-citieslive.com/
Effective URL:
https://heraldcourier.com/
Submission: On August 10 via automatic, source certstream-suspicious (August 10th 2024, 7:19:12 pm UTC) — Scanned from DE

Summary HTTP 79 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 79 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is heraldcourier.com.
TLS certificate: Issued by WR1 on July 14th 2024. Valid for: 3 months.

This is the only time heraldcourier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
10	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
43	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:266... 2600:9000:266e:ae00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266e:4e00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.239.18.43 18.239.18.43	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
79	13

1 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.tri-citieslive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

heraldcourier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:ae00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:4e00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.18.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-43.ams58.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 27592 bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 39242	848 KB
10	heraldcourier.com heraldcourier.com	103 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	574 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 7730	126 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 4347	95 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	180 KB
2	gstatic.com www.gstatic.com	13 KB
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394	78 KB
1	tri-citieslive.com 1 redirects www.tri-citieslive.com	100 B
79	9

	Domain	Requested by
43	bloximages.newyork1.vip.townnews.com	heraldcourier.com bloximages.newyork1.vip.townnews.com
10	heraldcourier.com	heraldcourier.com
6	www.googletagmanager.com	heraldcourier.com cmp.osano.com
5	cmp.osano.com	heraldcourier.com cmp.osano.com
3	tagan.adlightning.com	heraldcourier.com cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	www.gstatic.com	heraldcourier.com
1	bloximages.chicago2.vip.townnews.com	heraldcourier.com
1	c.amazon-adsystem.com	heraldcourier.com
1	www.tri-citieslive.com	1 redirects
79	10

This site contains links to these domains. Also see Links.

Domain
subscriberservicesdsi.lee.net
heraldcourier.obituaries.com
www.stringr.com
heraldcourier.column.us
www.google.com
swvatoday.com
us59.dayforcehcm.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
heraldcourier.com WR1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://heraldcourier.com/
Frame ID: 4B9F539D076E935A489C758B004C56B0
Requests: 79 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 4D7B31C4802D42465514C73264AEC86B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bristol Herald Courier | Breaking News | Read Bristol, VA and Virginia breaking news. Get latest news, events and information on Virginia sports, weather, entertainment and lifestyles

Page URL History Show full URLs

https://www.tri-citieslive.com/ HTTP 301
https://heraldcourier.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

92 %
HTTPS

31 %
IPv6

9
Domains

10
Subdomains

13
IPs

3
Countries

2016 kB
Transfer

5872 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=heraldcourier.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fheraldcourier.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 6 months

Search URL Search Domain Scan URL

URL: https://heraldcourier.obituaries.com/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=heraldcourier
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlFFejdUIVF
Title: Share video

Search URL Search Domain Scan URL

URL: https://heraldcourier.column.us/search
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=heraldcourier.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//11842%20US%20HWY%2019%2BLEBANON%2BVA%2B24266
Title: 11842 US HWY 19, LEBANON, VA 24266

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//3528%20LEE%20HWY%2BBRISTOL%2BVA%2B24201
Title: 3528 LEE HWY, BRISTOL, VA 24201

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//PO%20BOX%201967%2BBRISTOL%2BTN%2B37621
Title: PO BOX 1967, BRISTOL, TN 37621

Search URL Search Domain Scan URL

URL: https://swvatoday.com/
Title: SWVA Today

Search URL Search Domain Scan URL

URL: https://us59.dayforcehcm.com/CandidatePortal/en-US/leeenterprises/SITE/CANDIDATEPORTAL
Title: Join Our Team

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tri-citieslive.com/ HTTP 301
https://heraldcourier.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heraldcourier.com/
Redirect Chain

https://www.tri-citieslive.com/
https://heraldcourier.com/

552 KB
65 KB

694ms
88ms

Document
text/html

192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

fc22d9c12b1042e4937e07bc300e135f3a24825a246df5a3de9f98bbaab6cec3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 4410
cache-control: public, max-age=10
content-encoding: gzip
content-length: 64437
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 18:05:35 GMT
etag: W/d3804e58184dd9fadb598cf5fb89b136
last-modified: Sat, 10 Aug 2024 18:05:35 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.79.3; app5; 0.54s; 5.5M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://heraldcourier.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

cache-control: public, max-age=86400
content-length: 0
date: Sat, 10 Aug 2024 19:19:05 GMT
location: https://heraldcourier.com/

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 317ms
62ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 11864010
cross-origin-resource-policy: cross-origin
content-length: 38456
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8989d9962-FRA
expires: Thu, 13 Mar 2025 19:25:40 GMT

GET
H2 200 user.js Show response
heraldcourier.com/shared-content/art/tncms/user/ 4 KB
2 KB 164ms
163ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 573b0b4699e5c093c592f070caf70bf8c70ae57b27f3ca32197ff50c9ca77303

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:15:40 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 17:59:14 GMT
x-vcache: HIT
age: 205
etag: W/"66b3b5f2-eaa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1633
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 319ms
65ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12958851
cross-origin-resource-policy: cross-origin
content-length: 12719
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8989b9962-FRA
expires: Thu, 13 Mar 2025 19:25:40 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 327ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12964034
cross-origin-resource-policy: cross-origin
content-length: 14189
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8b39962-FRA
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 327ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12964033
cross-origin-resource-policy: cross-origin
content-length: 4260
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8bf9962-FRA
expires: Thu, 13 Mar 2025 18:03:32 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 318ms
64ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12967741
cross-origin-resource-policy: cross-origin
content-length: 1590
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8b99962-FRA
expires: Thu, 13 Mar 2025 16:50:23 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1021 B 319ms
65ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12970142
cross-origin-resource-policy: cross-origin
content-length: 910
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8b69962-FRA
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 327ms
74ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12967743
cross-origin-resource-policy: cross-origin
content-length: 21439
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66920-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e898959962-FRA
expires: Thu, 13 Mar 2025 16:50:22 GMT

GET
H2 200 layout.d9bf9fa5b377514df7224a864456e96d.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
33 KB 324ms
71ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.d9bf9fa5b377514df7224a864456e96d.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 6998298
cross-origin-resource-policy: cross-origin
content-length: 34092
last-modified: Thu, 16 May 2024 12:56:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66460270-266b1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e898979962-FRA
expires: Wed, 21 May 2025 19:01:41 GMT

GET
H2 200 lee.ds.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
20 KB 317ms
64ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1723096805

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 210674
cross-origin-resource-policy: cross-origin
content-length: 20642
last-modified: Thu, 08 Aug 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66b45ee5-18651"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e898989962-FRA
expires: Fri, 08 Aug 2025 06:07:22 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 335ms
82ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12958850
cross-origin-resource-policy: cross-origin
content-length: 1979
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-183e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e898999962-FRA
expires: Thu, 13 Mar 2025 19:31:16 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 335ms
82ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2747408
cross-origin-resource-policy: cross-origin
content-length: 1376
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-12c4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8989a9962-FRA
expires: Thu, 13 Mar 2025 16:50:41 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 417 KB
89 KB 179ms
134ms Script
application/javascript 2600:9000:266e:ae00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:ae00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e83479d5f64e5a65f992def7650d945b783a280d837bffce8e1d8ada1efbd648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90484
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Aug 2024 21:10:07 GMT
server: CloudFront
etag: "e6d2bcfe78b1a874a17881bf8be1b88a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: 6NGaOUveqPt1DG_wSoYGLmhzUX1k6Xn-R3vM_6bPuiTLwcegFTiyDQ==

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
heraldcourier.com/shared-content/art/tncms/api/ 70 KB
29 KB 161ms
161ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer: https://heraldcourier.com/
Origin: https://heraldcourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:14:36 GMT
content-encoding: gzip
last-modified: Sun, 07 Jul 2024 17:49:04 GMT
x-vcache: HIT
age: 269
etag: W/"668ad510-1164b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29242
service-worker-allowed: /

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 313 KB
78 KB 80ms
13ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a13aeafeab38f84feb42f65b922827fad3fd2d25bc32dcfd68709a4efddc51c4

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 18:32:50 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Tue, 06 Aug 2024 21:12:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2777
x-amz-server-side-encryption: AES256
etag: W/"d0fe3c381c37b3536c191a5a1e5ac9fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: YsEG5aWg_b1kAVV6sPj7vhHSekk0ll6XyZuyAxghxEQTzLet6kPquw==

GET
H2 200 heraldcourier.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 998 B
784 B 333ms
154ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/heraldcourier.com.v2.js?_dc=1723313135

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b5d817ffb68de98dc56f289bff8e576ef1025b628e3f8cf459195f363cc317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-length: 469
last-modified: Sat, 10 Aug 2024 05:01:48 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66b6f43c-3e6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e89f2539be-FRA
expires: Sun, 10 Aug 2025 18:05:36 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 41 KB
13 KB 251ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 6178737
cross-origin-resource-policy: cross-origin
content-length: 12674
last-modified: Wed, 21 Feb 2024 21:20:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66923-a55f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8bb9962-FRA
expires: Thu, 13 Mar 2025 16:50:43 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 38ms
37ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12970141
cross-origin-resource-policy: cross-origin
content-length: 1322
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-dbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea0a449962-FRA
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 55ms
54ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12958795
cross-origin-resource-policy: cross-origin
content-length: 2388
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1baf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea0a459962-FRA
expires: Thu, 13 Mar 2025 19:25:50 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 93ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Aug 2025 15:29:45 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 95ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 21:06:59 GMT

GET
H2 200 messaging.js Show response
heraldcourier.com/shared-content/art/tncms/api/ 2 KB
1 KB 107ms
106ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:16:34 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 17:59:14 GMT
x-vcache: HIT
age: 151
etag: W/"66b3b5f2-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
471 B 251ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12964032
cross-origin-resource-policy: cross-origin
content-length: 176
last-modified: Wed, 21 Feb 2024 21:20:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66924-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8c29962-FRA
expires: Thu, 13 Mar 2025 18:01:33 GMT

GET
H2 200 tracking.js Show response
heraldcourier.com/shared-content/art/tncms/ 3 KB
1 KB 177ms
176ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:14:36 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 17:59:14 GMT
x-vcache: HIT
age: 269
etag: W/"66b3b5f2-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 prebid8.39.0.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 260 KB
92 KB 251ms
74ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid8.39.0.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 4428362
cross-origin-resource-policy: cross-origin
content-length: 94346
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-40e18"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8989e9962-FRA
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 lee.common.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 250ms
73ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1723096806

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 213947
cross-origin-resource-policy: cross-origin
content-length: 3556
last-modified: Thu, 08 Aug 2024 06:00:06 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66b45ee6-2c45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8bc9962-FRA
expires: Fri, 08 Aug 2025 06:06:42 GMT

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
110 KB 39ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12967736
cross-origin-resource-policy: cross-origin
content-length: 112383
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea0a479962-FRA
expires: Thu, 13 Mar 2025 16:50:23 GMT

GET
H2 200 tracker.js Show response
heraldcourier.com/shared-content/art/stats/common/ 9 KB
3 KB 177ms
177ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/stats/common/tracker.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:18:37 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2024 20:00:11 GMT
x-vcache: HIT
age: 29
etag: W/"66159e4b-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 e0d66240-6be2-11ec-a380-ff649233b50f.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/ 4 KB
4 KB 72ms
71ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/e0d66240-6be2-11ec-a380-ff649233b50f.png

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12964032
cf-polished: origFmt=png, origSize=5857
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="e0d66240-6be2-11ec-a380-ff649233b50f.webp"
content-length: 4166
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Jan 2022 15:44:32 GMT
server: cloudflare
x-vcache: MISS
etag: "61d1c860-16e1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8c39962-FRA
expires: Thu, 13 Mar 2025 18:05:39 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 56ms
55ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12970141
cf-polished: origFmt=png, origSize=3610
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea0a499962-FRA
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 newsplus_white.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 73ms
72ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1723096806

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 210672
cf-polished: origFmt=png, origSize=8454
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="newsplus_white.webp"
content-length: 4248
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Aug 2024 06:00:06 GMT
server: cloudflare
x-vcache: MISS
etag: "66b45ee6-2106"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e8a8c49962-FRA
expires: Fri, 08 Aug 2025 06:07:22 GMT

GET
H2 200 logo-tagline.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 35ms
35ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1723096806

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 210671
cf-polished: origFmt=png, origSize=10949
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="logo-tagline.webp"
content-length: 5302
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Aug 2024 06:00:06 GMT
server: cloudflare
x-vcache: MISS
etag: "66b45ee6-2ac5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e919379962-FRA
expires: Fri, 08 Aug 2025 06:07:22 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 15 KB
7 KB 64ms
15ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62826dd4624b85584b8eff6843407c34a40c6d1210229f1b27028ceebe076bc8

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:04:01 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-version-id: q2XKKDoLkezn7B0Tk.p898181VhGA51_
x-amz-cf-pop: FRA60-P4
age: 906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6666
x-amz-meta-git_commit: 904ac2d
last-modified: Sat, 10 Aug 2024 18:32:30 GMT
server: AmazonS3
etag: "0899b493ef3ca7ce54bf5178828ee51b"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: C0JakdbhDG4DqJaCkHSFfte4CZplpnB2b4CCxndzWAuyI37MdPm5rQ==

GET
H2 200 heraldcourier.com.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 1 KB
562 B 57ms
57ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/heraldcourier.com.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 4453080
cross-origin-resource-policy: cross-origin
content-length: 375
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-5b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e9c9e69962-FRA
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 dfp.lazy.ozone.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 19 KB
5 KB 53ms
52ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.ozone.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84963e11878bfa08c3870cefd95e4887eb4fa821b97ff1bb14f7a76a793d5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 4444757
cross-origin-resource-policy: cross-origin
content-length: 5213
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-4ab8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255e9c9ee9962-FRA
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
77 KB 103ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2e862819a537958f61b999b7f37978e5847a82a9eec616fba55e034862a67ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78950
x-xss-protection: 0
last-modified: Sat, 10 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
BLOB 200
OK 3972ad18-b988-4f02-910c-9177fe27d7a1
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/3972ad18-b988-4f02-910c-9177fe27d7a1
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 103 KB
32 KB 100ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5c2000ce3e16f591e5c61ab717f103ea57e884353ba0d19c47f1e0c8a1e1c748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32478
x-xss-protection: 0
server: cafe
etag: 14 / 19945 / m202408060101 / config-hash: 9072019561209455628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
H2 200 tracker.gif
heraldcourier.com/shared-content/art/stats/common/ 0
145 B 100ms
100ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldcourier.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1723317546552101016001200580748258697&tnms_dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&tnms_upage=1&tnms_do=heraldcourier.com&tnms_uri=/&tnms_ref=&rt=1723317546552
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 68ms
27ms Font
application/font-woff2 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1723096805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1723096805
Origin: https://heraldcourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12963161
cross-origin-resource-policy: cross-origin
content-length: 26164
last-modified: Tue, 12 Mar 2024 18:40:49 GMT
x-vcache: MISS
server: cloudflare
etag: "65f0a1b1-6634"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea7fe29bc8-FRA
expires: Thu, 13 Mar 2025 18:01:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 546 KB
141 KB 93ms
86ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77969a4b03385297ef23d561e00352e3f2874a94e172da8fba583e62bf502432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144677
x-xss-protection: 0
last-modified: Sat, 10 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
H2 200 6082f168e3759.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/1/c6/1c6b2958-fe83-58b6-b350-ea4dc8b64337/ 22 KB
22 KB 390ms
390ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/1/c6/1c6b2958-fe83-58b6-b350-ea4dc8b64337/6082f168e3759.preview.jpg?crop=672%2C378%2C8%2C0&resize=672%2C378&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb9c098ecc228f4b07cc7fa4edf3d97a019789ea8d804b250e692ab6db57a90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=24950
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6082f168e3759.webp"
content-length: 22404
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Apr 2021 16:10:16 GMT
server: cloudflare
x-vcache: MISS
etag: "c5db4c774552e35307538d45c0c677e1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea4a989962-FRA
expires: Sun, 10 Aug 2025 16:34:47 GMT

GET
H2 200 5d0b85013e5f4.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/9/75/97577d1c-d665-11ee-a3b4-371a45b20682/ 3 KB
3 KB 46ms
46ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/9/75/97577d1c-d665-11ee-a3b4-371a45b20682/5d0b85013e5f4.image.png?crop=475%2C267%2C0%2C103&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2a7ea474bb545e729268b4086e221ac3d92bef399d0dcf5c57ae843378e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 150406
cf-polished: origFmt=png, origSize=6026
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="5d0b85013e5f4.webp"
content-length: 3082
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 18:17:11 GMT
server: cloudflare
x-vcache: MISS
etag: "7a751edc1c9c2349aab7a4db30f2978b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ea4a9d9962-FRA
expires: Fri, 08 Aug 2025 18:48:43 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ 71 KB
26 KB 16ms
16ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 19:37:41 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: FRA60-P4
age: 1467686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RGGIKOxTooWmQTHvo9-kbWuujZEZdfaS3b_ojVbEAP_eWP6gpX00rA==

GET
H2 200 bl-9d3cfa4-bc0921ef.js Show response
tagan.adlightning.com/leeenterprises/ 159 KB
62 KB 18ms
18ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-9d3cfa4-bc0921ef.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f518d5aa45a5c7d845a8331bc63bfdf05c084d60c32ac6ae6b5fd906e806980e

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:04:02 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-version-id: fFZQR1BP2lMCR_l5CwCfZ5y7rEbxXQ.p
x-amz-cf-pop: FRA60-P4
age: 905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 63054
x-amz-meta-git_commit: 9d3cfa4
last-modified: Sat, 10 Aug 2024 18:32:09 GMT
server: AmazonS3
etag: "8f2f9084dfe655c097068b9527d8b90c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: s4YESGpglTSHnoDmhasnx30AB6JwzwfDuE3SOe7_GoaCDk1R2BdLpA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/ 473 KB
148 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13379
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151286
x-xss-protection: 0
server: cafe
etag: 16318545838041958494
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 10 Aug 2025 15:36:07 GMT

GET
H2 200 /
cmp.osano.com/ Frame 4D7B 0
0 30ms
9ms Document
text/html 2600:9000:266e:4e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:4e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 34987
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sat, 10 Aug 2024 09:36:00 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 f36453eb82bc9ab0c6e360ac52cc5972.cloudfront.net (CloudFront)
x-amz-cf-id: dZaJCkN9HXsMJcPi0BQweZq2OvauGApLVz1P0q0ID986E6EUTmxHlg==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 408ms
377ms Preflight 18.239.18.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.18.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-43.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 10 Aug 2024 19:19:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 6c60742ba67aa10b881e511aba8e470a.cloudfront.net (CloudFront)
x-amz-cf-id: rtV-0BwmoGkVVGYVs3Qudgq67j7BYyKBgx1FuwEA24EiWRswRxgx1A==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 100 KB
26 KB 12ms
11ms Script
application/javascript 2600:9000:266e:ae00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:ae00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0202614987ac38b310ac2d2430f7cb3461913fafb307b49f89291e3b464408cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: O_05i9zXMW4youuSN03rz2lA.pdOBZgs
content-encoding: gzip
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
date: Sat, 10 Aug 2024 03:58:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 55291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Aug 2024 21:10:03 GMT
server: AmazonS3
etag: W/"e9161b119859a9215cd2ba20680496ae"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: rg1o58dpp0KhNND5FI1y4yb_7NTzLBUNIYWVmSq95ryYZCjVfK16tw==

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 34 KB
11 KB 22ms
22ms XHR
application/json 18.239.18.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.18.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-43.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49585109477ee74f472537d68e5b7b49ac3174b944de8848fdfc56a74fcbb793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Sat, 10 Aug 2024 01:24:27 GMT
x-content-type-options: nosniff
x-amz-version-id: RPe80RgpkHFfP5mkqNIH7I7M6CYqd4pa
content-encoding: br
via: 1.1 6c60742ba67aa10b881e511aba8e470a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
age: 64481
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Aug 2024 21:10:03 GMT
server: AmazonS3
etag: W/"c9b7558058b713159f1d9cc60619de4e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: JBPSs2MTnBZSzN-eSV9THaHoY_r9TL-semm5wHu1qxxL9yTXtWfVVw==

GET
BLOB 200
OK c82fcefa-d979-4aa9-9aed-87718ed98172
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/c82fcefa-d979-4aa9-9aed-87718ed98172
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 66b66b0e57781.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/e/1f/e1f7301c-5683-11ef-8b33-9f96d8837c97/ 12 KB
12 KB 426ms
425ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/e/1f/e1f7301c-5683-11ef-8b33-9f96d8837c97/66b66b0e57781.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f638c37971c2d8a7620a445b734f24ea209991bf8d244cb4e66bc8b575f5c27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: degrade=85, origSize=15439, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 19:16:32 GMT
server: cloudflare
x-vcache: MISS
etag: "cfc42cc68bc3d3092981186031fd1f61"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ebbc3d9962-FRA
expires: Sun, 10 Aug 2025 10:49:18 GMT

GET
H2 200 66b64f4082a22.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/4/f6/4f69a9ba-5673-11ef-835e-bf8c05ad0a65/ 13 KB
13 KB 396ms
395ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/4/f6/4f69a9ba-5673-11ef-835e-bf8c05ad0a65/66b64f4082a22.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfd147f2909d5c82c13064cef60186c268bfced600b549790228735f7ccd3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: degrade=85, origSize=15722, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 17:17:55 GMT
server: cloudflare
x-vcache: MISS
etag: "ff52a5e72e443b62a98d8f6ccb7c8f2c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ebbc409962-FRA
expires: Sun, 10 Aug 2025 10:36:02 GMT

GET
H2 200 664e20cf00d28.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/7/cb/7cb222be-185a-11ef-8771-531c2c6f3344/ 10 KB
10 KB 443ms
442ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/7/cb/7cb222be-185a-11ef-8771-531c2c6f3344/664e20cf00d28.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee8ccb68866fe510c7de7c604447c7a333e773b3c0e9148a3c8400bb88b9fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=13719
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="664e20cf00d28.webp"
content-length: 10506
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 May 2024 16:44:01 GMT
server: cloudflare
x-vcache: MISS
etag: "3873ca8dd4ebccba35d6a1bc475bd705"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ebbc429962-FRA
expires: Sun, 10 Aug 2025 10:36:02 GMT

GET
H2 200 64f7aba633a29.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/5/9d/59de50b4-4c3b-11ee-9d9d-87d78bba3266/ 11 KB
11 KB 160ms
160ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/5/9d/59de50b4-4c3b-11ee-9d9d-87d78bba3266/64f7aba633a29.image.png?crop=1611%2C906%2C338%2C0&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1eb98484c10065c2b01bc00d527e43643fab06aada7078eea2989d68c65816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=22014
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64f7aba633a29.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Sep 2023 22:28:55 GMT
server: cloudflare
x-vcache: MISS
etag: "87d79c5c3dd8772beb3d96546812affb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ebbc449962-FRA
expires: Sun, 10 Aug 2025 10:22:28 GMT

GET
H2 200 57c752033a6ce.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/1e/61ea2e36-6fc5-11e6-a9ea-0f22fefcb1bf/ 3 KB
3 KB 151ms
150ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/1e/61ea2e36-6fc5-11e6-a9ea-0f22fefcb1bf/57c752033a6ce.image.jpg?resize=300%2C169

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd82d09be01ca78c11ab2a3cf07a5da6896957dc12afa4a516746d866c72eef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=6768
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="57c752033a6ce.webp"
content-length: 3226
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Aug 2016 21:54:11 GMT
server: cloudflare
x-vcache: MISS
etag: "3ee03fb158f82a389a0caa95ecf4588e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ebbc499962-FRA
expires: Sat, 09 Aug 2025 19:52:25 GMT

GET
H2 200 6082f168e3759.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/1/c6/1c6b2958-fe83-58b6-b350-ea4dc8b64337/ 10 KB
10 KB 403ms
403ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4571af8e78678d481ab71f9082c3f741897740c13e490811529b9a22c16472a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=10947
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6082f168e3759.webp"
content-length: 10284
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Apr 2021 16:10:16 GMT
server: cloudflare
x-vcache: HIT
etag: "3a8f1a3ac54e5c93e6778945bec99f3b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ebbc4a9962-FRA
expires: Sun, 10 Aug 2025 16:36:30 GMT

GET
H2 200 66b68d7fb863b.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/70/d70f1af6-55e4-11ef-86f8-27fb90358541/ 9 KB
9 KB 390ms
390ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/70/d70f1af6-55e4-11ef-86f8-27fb90358541/66b68d7fb863b.preview.jpg?crop=800%2C450%2C0%2C41&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323d27ffd4f5b884a988e771f3bf1defc8bd911630af9f0789b5bd7c6a16afbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=11104
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66b68d7fb863b.webp"
content-length: 9022
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 21:43:28 GMT
server: cloudflare
x-vcache: MISS
etag: "423c5bb7845fa5beeb9d17d739533536"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ebbc4c9962-FRA
expires: Sat, 09 Aug 2025 21:51:57 GMT

GET
H2 200 66b5a9f248796.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/b/01/b018cb96-5610-11ef-b229-4b5d16e4ca3b/ 7 KB
7 KB 383ms
383ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/b/01/b018cb96-5610-11ef-b229-4b5d16e4ca3b/66b5a9f248796.image.jpg?crop=1637%2C921%2C0%2C172&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eac62eef181b3e50afebc349f247b14f9033e15f0332195fd6993483b2ff901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=8947
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66b5a9f248796.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 05:32:35 GMT
server: cloudflare
x-vcache: MISS
etag: "b0f4427bda3345726775c5cdf1ed87ce"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ebbc4e9962-FRA
expires: Sat, 09 Aug 2025 05:33:33 GMT

GET
BLOB 200
OK dc19185a-232d-489b-8642-23f1995da913
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/dc19185a-232d-489b-8642-23f1995da913
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a63b0d85-73cb-49dc-87b2-21c4a9ea1d30
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/a63b0d85-73cb-49dc-87b2-21c4a9ea1d30
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK c5a153f1-20f3-401b-b152-e63c63beea12
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/c5a153f1-20f3-401b-b152-e63c63beea12
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
72 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a8839f597b5921babceab241315857cdcfd97533f65db07881084b56e4391ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73702
x-xss-protection: 0
last-modified: Sat, 10 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
81 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dceee419f32b10e6aad161ed2b603b5e5a892e73539d22c56a6750917450d3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83032
x-xss-protection: 0
last-modified: Sat, 10 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75291232f6dab2e76efb0f377940f040a4966a6cf0b83d29cc009bf596c56965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Aug 2024 19:19:06 GMT

GET
BLOB 200
OK ca7ca429-de77-4fe3-aaf7-37a7a060822b
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/ca7ca429-de77-4fe3-aaf7-37a7a060822b
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 46ms
45ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

82673705ba73c9458092531fac3661be19c004c11c2a1bc40f2831585e5d5bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Aug 2024 19:19:07 GMT

GET
H2 200 66b6f7ce6446a.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/3/c6/3c62a23a-9366-5255-bc38-455b259f34fc/ 16 KB
16 KB 139ms
138ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/3/c6/3c62a23a-9366-5255-bc38-455b259f34fc/66b6f7ce6446a.preview.jpg?crop=640%2C360%2C0%2C33&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5787e990b7e62b8de95f3888cf2d3d644d606d564ae54fba9c01caf5dd2636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=17391, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 16556
cf-bgj: imgq:85,h2pri
last-modified: Sat, 10 Aug 2024 05:17:02 GMT
server: cloudflare
x-vcache: MISS
etag: "ed80071ae71461a20f5733827e7d8682"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ee4f3b9962-FRA
expires: Sun, 10 Aug 2025 14:31:41 GMT

GET
H2 200 66b5a5f72d900.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/65/2650db8d-b84b-5f4c-80d8-2b48a1f961e0/ 21 KB
21 KB 401ms
401ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/65/2650db8d-b84b-5f4c-80d8-2b48a1f961e0/66b5a5f72d900.preview.jpg?crop=1764%2C992%2C0%2C90&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c78e90d7fbf3de45ee943559d21b59198773675a0a1bfaaefac4baf833ef05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=22654, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 21432
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 05:15:35 GMT
server: cloudflare
x-vcache: MISS
etag: "fc34eb5be86a509ab8f8c2c99fc92b65"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255ee4f3d9962-FRA
expires: Sat, 09 Aug 2025 15:30:57 GMT

GET
H2 200 66b5a5fb6fa9f.preview.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/8f/68f95cfe-e6d4-524e-8f86-0ab0ac6d61a5/ 43 KB
43 KB 449ms
449ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/8f/68f95cfe-e6d4-524e-8f86-0ab0ac6d61a5/66b5a5fb6fa9f.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=76405
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66b5a5fb6fa9f.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Aug 2024 05:15:39 GMT
server: cloudflare
x-vcache: MISS
etag: "25fc44550c9570b58cc13e4a078212ab"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ee4f3f9962-FRA
expires: Sat, 09 Aug 2025 08:52:42 GMT

GET
H2 200 66b48ce817874.preview.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/8/3d/83d59822-fadd-5c74-a198-7bbbb61baea9/ 43 KB
43 KB 463ms
463ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/8/3d/83d59822-fadd-5c74-a198-7bbbb61baea9/66b48ce817874.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=76405
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66b48ce817874.webp"
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Aug 2024 09:16:24 GMT
server: cloudflare
x-vcache: MISS
etag: "e6b37ce641fec5f62ef3b182d63bbad5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255ee4f419962-FRA
expires: Fri, 08 Aug 2025 09:20:10 GMT

GET
H2 200 icon.ico
heraldcourier.com/content/tncms/site/ 1 KB
1 KB 88ms
88ms Other
image/x-icon 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: ab76576e12c26582170710e16a74b1216b6d5e5fb191630d6f70c4bbc2d5bb90

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 10:09:09 GMT
last-modified: Mon, 19 Dec 2016 13:25:27 GMT
x-vcache: HIT
age: 32997
etag: "5857dfc7-47e"
content-type: image/x-icon
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 1150

GET
H2 200 64c0a8cc3291c.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/0/7d/07d01b4d-4b4b-527b-aebd-c89b3b0c0167/ 15 KB
15 KB 389ms
388ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/0/7d/07d01b4d-4b4b-527b-aebd-c89b3b0c0167/64c0a8cc3291c.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:08 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=18483
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64c0a8cc3291c.webp"
content-length: 15462
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 05:02:04 GMT
server: cloudflare
x-vcache: MISS
etag: "9035ad7cba3e6f502040cf01647323a9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255f1cb089962-FRA
expires: Sun, 13 Jul 2025 10:49:25 GMT

GET
H2 200 658134ee045c2.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/6c/d6c91e2f-099d-558b-ad0b-0aed38832a22/ 82 KB
82 KB 388ms
387ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/6c/d6c91e2f-099d-558b-ad0b-0aed38832a22/658134ee045c2.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:08 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=109875
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="658134ee045c2.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Dec 2023 06:15:11 GMT
server: cloudflare
x-vcache: MISS
etag: "7e88f0519bfc8a02a066f2bad51f2ff7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255f1cb0a9962-FRA
expires: Sat, 14 Jun 2025 05:44:22 GMT

GET
H2 200 65dd7e15b90a0.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/ba/aba13f18-a6c4-5a92-8146-b65244ea1764/ 85 KB
85 KB 152ms
152ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/ba/aba13f18-a6c4-5a92-8146-b65244ea1764/65dd7e15b90a0.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c36f795e3725cc63308f0ccdd6cbe4472f1ddec1ad5c8acfb3c1dc0257896ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=110407
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65dd7e15b90a0.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Feb 2024 06:15:50 GMT
server: cloudflare
x-vcache: MISS
etag: "fd6b6bc81e291d19b4f112e1ad2c5b52"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8b1255f1cb0b9962-FRA
expires: Thu, 24 Jul 2025 05:32:46 GMT

GET
H2 200 6487feda3a36f.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/0b/a0bd40dd-3609-5fbe-85fa-d20a6b415bd9/ 19 KB
20 KB 462ms
462ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/0b/a0bd40dd-3609-5fbe-85fa-d20a6b415bd9/6487feda3a36f.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:08 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=23331
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6487feda3a36f.webp"
content-length: 19912
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Jun 2023 05:30:02 GMT
server: cloudflare
x-vcache: MISS
etag: "206ea7cab3e6670dac1c61fbbae6e90a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8b1255f1cb0c9962-FRA
expires: Thu, 07 Aug 2025 05:33:43 GMT

POST
H2 200 /
heraldcourier.com/tncms/tracking/classifieds/featured/ 0
152 B 97ms
97ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/tncms/tracking/classifieds/featured/?i=3bce9afd-a2a5-56f5-90ae-2100177b8e84,
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
real-hostname: heraldcourier.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
heraldcourier.com/tncms/tracking/business/block/ 0
152 B 98ms
97ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/tncms/tracking/business/block/?i=6eb1578c-589b-5e6a-a930-e553ed1c5073,5a877a7d-bad9-58cf-86f5-195db484442f,53121636-979a-53f6-b173-5a2ac2dc09e3,
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:19:07 GMT
real-hostname: heraldcourier.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
cmp.osano.com
heraldcourier.com
securepubads.g.doubleclick.net
tagan.adlightning.com
www.googletagmanager.com
www.gstatic.com
www.tri-citieslive.com
104.16.132.24
104.16.133.24
108.138.6.136
142.250.185.130
142.250.186.104
18.239.18.43
18.66.147.119
192.104.182.109
192.104.183.109
2600:9000:266e:4e00:3:b7e:8940:93a1
2600:9000:266e:ae00:3:b7e:8940:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:831::2003
0202614987ac38b310ac2d2430f7cb3461913fafb307b49f89291e3b464408cb
0ee8ccb68866fe510c7de7c604447c7a333e773b3c0e9148a3c8400bb88b9fcc
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1d1eb98484c10065c2b01bc00d527e43643fab06aada7078eea2989d68c65816
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
323d27ffd4f5b884a988e771f3bf1defc8bd911630af9f0789b5bd7c6a16afbf
3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
4571af8e78678d481ab71f9082c3f741897740c13e490811529b9a22c16472a6
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
49585109477ee74f472537d68e5b7b49ac3174b944de8848fdfc56a74fcbb793
4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
573b0b4699e5c093c592f070caf70bf8c70ae57b27f3ca32197ff50c9ca77303
5c2000ce3e16f591e5c61ab717f103ea57e884353ba0d19c47f1e0c8a1e1c748
62826dd4624b85584b8eff6843407c34a40c6d1210229f1b27028ceebe076bc8
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
75291232f6dab2e76efb0f377940f040a4966a6cf0b83d29cc009bf596c56965
76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc
77969a4b03385297ef23d561e00352e3f2874a94e172da8fba583e62bf502432
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7b2a7ea474bb545e729268b4086e221ac3d92bef399d0dcf5c57ae843378e314
7c36f795e3725cc63308f0ccdd6cbe4472f1ddec1ad5c8acfb3c1dc0257896ba
82673705ba73c9458092531fac3661be19c004c11c2a1bc40f2831585e5d5bce
8a8839f597b5921babceab241315857cdcfd97533f65db07881084b56e4391ba
8c78e90d7fbf3de45ee943559d21b59198773675a0a1bfaaefac4baf833ef05d
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3
9eac62eef181b3e50afebc349f247b14f9033e15f0332195fd6993483b2ff901
a13aeafeab38f84feb42f65b922827fad3fd2d25bc32dcfd68709a4efddc51c4
a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
ab76576e12c26582170710e16a74b1216b6d5e5fb191630d6f70c4bbc2d5bb90
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b84963e11878bfa08c3870cefd95e4887eb4fa821b97ff1bb14f7a76a793d5c4
b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c3b5d817ffb68de98dc56f289bff8e576ef1025b628e3f8cf459195f363cc317
ca5787e990b7e62b8de95f3888cf2d3d644d606d564ae54fba9c01caf5dd2636
cb9c098ecc228f4b07cc7fa4edf3d97a019789ea8d804b250e692ab6db57a90b
ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cfd147f2909d5c82c13064cef60186c268bfced600b549790228735f7ccd3fb3
d2e862819a537958f61b999b7f37978e5847a82a9eec616fba55e034862a67ac
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
dceee419f32b10e6aad161ed2b603b5e5a892e73539d22c56a6750917450d3de
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83479d5f64e5a65f992def7650d945b783a280d837bffce8e1d8ada1efbd648
e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6
f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8
f518d5aa45a5c7d845a8331bc63bfdf05c084d60c32ac6ae6b5fd906e806980e
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f638c37971c2d8a7620a445b734f24ea209991bf8d244cb4e66bc8b575f5c27c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fc22d9c12b1042e4937e07bc300e135f3a24825a246df5a3de9f98bbaab6cec3
fd82d09be01ca78c11ab2a3cf07a5da6896957dc12afa4a516746d866c72eef8
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

heraldcourier.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

92 %HTTPS

31 %IPv6

9 Domains

10 Subdomains

13 IPs

3 Countries

2016 kBTransfer

5872 kBSize

0 Cookies

13 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heraldcourier.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

92 %
HTTPS

31 %
IPv6

9
Domains

10
Subdomains

13
IPs

3
Countries

2016 kB
Transfer

5872 kB
Size

0
Cookies

79 HTTP transactions
2 data transactions