heraldcourier.com Open in urlscan Pro
192.104.183.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bristolnews.com//
Effective URL:
https://heraldcourier.com/
Submission: On July 13 via api (July 13th 2024, 12:36:05 pm UTC) from US — Scanned from CA

Summary HTTP 225 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 61 IPs in 2 countries across 42 domains to perform 225 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is heraldcourier.com.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2024. Valid for: 3 months.

This is the only time heraldcourier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
1 11	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
39	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.85.31 108.138.85.31	16509 (AMAZON-02) (AMAZON-02)
3	18.160.51.31 18.160.51.31	16509 (AMAZON-02) (AMAZON-02)
2	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
6	18.238.49.115 18.238.49.115	16509 (AMAZON-02) (AMAZON-02)
6	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
14	209.85.144.157 209.85.144.157	15169 (GOOGLE) (GOOGLE)
2	108.138.85.55 108.138.85.55	16509 (AMAZON-02) (AMAZON-02)
2	99.86.229.88 99.86.229.88	16509 (AMAZON-02) (AMAZON-02)
1 1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.165.81.140 18.165.81.140	16509 (AMAZON-02) (AMAZON-02)
2	34.86.110.8 34.86.110.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.151.80 13.32.151.80	16509 (AMAZON-02) (AMAZON-02)
1	74.119.117.4 74.119.117.4	19750 (AS-CRITEO) (AS-CRITEO)
3	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
1	209.85.201.132 209.85.201.132	15169 (GOOGLE) (GOOGLE)
9	172.217.197.102 172.217.197.102	15169 (GOOGLE) (GOOGLE)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
13	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	142.251.179.132 142.251.179.132	15169 (GOOGLE) (GOOGLE)
1	23.9.164.171 23.9.164.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.85.76 108.138.85.76	16509 (AMAZON-02) (AMAZON-02)
1	18.160.10.80 18.160.10.80	16509 (AMAZON-02) (AMAZON-02)
1	18.238.58.231 18.238.58.231	16509 (AMAZON-02) (AMAZON-02)
1	18.206.4.140 18.206.4.140	14618 (AMAZON-AES) (AMAZON-AES)
1	209.85.201.101 209.85.201.101	15169 (GOOGLE) (GOOGLE)
1	23.204.206.35 23.204.206.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.22.53.173 104.22.53.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	99.86.191.237 99.86.191.237	16509 (AMAZON-02) (AMAZON-02)
1	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
4	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.36.224.135 52.36.224.135	16509 (AMAZON-02) (AMAZON-02)
1	52.85.131.58 52.85.131.58	16509 (AMAZON-02) (AMAZON-02)
1 2	44.210.250.205 44.210.250.205	14618 (AMAZON-AES) (AMAZON-AES)
5	108.138.85.19 108.138.85.19	16509 (AMAZON-02) (AMAZON-02)
2	172.67.23.234 172.67.23.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.152.53.162 54.152.53.162	14618 (AMAZON-AES) (AMAZON-AES)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.29.24 108.139.29.24	16509 (AMAZON-02) (AMAZON-02)
1 2	52.85.132.4 52.85.132.4	16509 (AMAZON-02) (AMAZON-02)
1	13.32.208.13 13.32.208.13	16509 (AMAZON-02) (AMAZON-02)
4	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
1	173.194.66.95 173.194.66.95	15169 (GOOGLE) (GOOGLE)
1	172.64.144.78 172.64.144.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.232.93.132 34.232.93.132	14618 (AMAZON-AES) (AMAZON-AES)
1	23.205.106.84 23.205.106.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.69.251.6 54.69.251.6	16509 (AMAZON-02) (AMAZON-02)
3	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	172.217.197.147 172.217.197.147	15169 (GOOGLE) (GOOGLE)
1	34.231.175.99 34.231.175.99	14618 (AMAZON-AES) (AMAZON-AES)
1	209.85.144.113 209.85.144.113	15169 (GOOGLE) (GOOGLE)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	() ()
225	61

1 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.bristolnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.104.183.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.heraldcourier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heraldcourier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.85.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-31.iad12.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.51.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-51-31.iad55.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.49.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-115.jfk52.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 209.85.144.157 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.85.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-55.iad12.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.229.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-88.iad79.r.cloudfront.net

consent.api.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.81.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-81-140.iad55.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.110.8 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.110.86.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.151.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-80.iad66.r.cloudfront.net

36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f132.1e100.net

5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.197.102 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3006.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.132 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: pd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.9.164.171 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-164-171.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.85.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-76.iad12.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-80.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.58.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-58-231.jfk52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.4.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-4-140.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f101.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.206.35 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-206-35.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3006.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.131.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-131-58.iad50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.250.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-250-205.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.85.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-19.iad12.r.cloudfront.net

conduit.redfast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.152.53.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-162.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-24.jfk50.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.132.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-4.iad50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.208.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-13.iad66.r.cloudfront.net

d-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.93.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-93-132.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.106.84 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-84.deploy.static.akamaitechnologies.com

sli.heraldcourier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.251.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-251-6.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.175.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-175-99.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.113 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f113.1e100.net

ampcid.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (None, ) 1 redirects

ASN- ()

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 17043 bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 22926	601 KB
17	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6701 router.infolinks.com — Cisco Umbrella Rank: 2721 rt3006.infolinks.com — Cisco Umbrella Rank: 70080	267 KB
17	googlesyndication.com 1 redirects 5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 180	416 KB
17	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads.g.doubleclick.net — Cisco Umbrella Rank: 69	219 KB
12	heraldcourier.com 1 redirects www.heraldcourier.com heraldcourier.com sli.heraldcourier.com	104 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	21 KB
8	osano.com cmp.osano.com — Cisco Umbrella Rank: 5092 consent.api.osano.com — Cisco Umbrella Rank: 9645	121 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 360 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 714 aax.amazon-adsystem.com — Cisco Umbrella Rank: 488 s.amazon-adsystem.com — Cisco Umbrella Rank: 348	82 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1589	41 KB
6	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3684 rp.liadm.com — Cisco Umbrella Rank: 1059 d-code.liadm.com — Cisco Umbrella Rank: 4079 i.liadm.com — Cisco Umbrella Rank: 574 idx.liadm.com — Cisco Umbrella Rank: 1546	75 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	577 KB
6	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2866	89 KB
5	redfast.com conduit.redfast.com — Cisco Umbrella Rank: 21392	4 KB
5	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1568 lexicon.33across.com — Cisco Umbrella Rank: 1636	14 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	5 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12704 www.i.matheranalytics.com — Cisco Umbrella Rank: 12473	45 KB
3	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 1869 sync.intentiq.com — Cisco Umbrella Rank: 1048	3 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1075 bcp.crwdcntrl.net — Cisco Umbrella Rank: 947	25 KB
2	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1745	295 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3340 p1.parsely.com — Cisco Umbrella Rank: 2335	25 KB
2	openx.net oajs.openx.net Failed google-bidout-d.openx.net	210 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	75 KB
2	google.com ampcid.google.com — Cisco Umbrella Rank: 3477 www.google.com — Cisco Umbrella Rank: 5	440 B
2	redfastlabs.com 36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com — Cisco Umbrella Rank: 67122	126 KB
2	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4701	3 KB
2	gstatic.com www.gstatic.com	13 KB
1	google.ca ampcid.google.ca — Cisco Umbrella Rank: 139702	369 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1147	175 B
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 570	143 KB
1	postrelease.com postrelease.com — Cisco Umbrella Rank: 928 jadserve.postrelease.com Failed
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 460
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 997	28 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1913	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1240	17 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4048	179 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	4 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2350	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 726	13 KB
1	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 5041 Failed	9 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
1	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 882	87 B
1	bristolnews.com 1 redirects www.bristolnews.com	104 B
225	42

	Domain	Requested by
37	bloximages.newyork1.vip.townnews.com	heraldcourier.com bloximages.newyork1.vip.townnews.com
14	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net tagan.adlightning.com imasdk.googleapis.com
12	pagead2.googlesyndication.com	tagan.adlightning.com blank pagead2.googlesyndication.com heraldcourier.com
10	heraldcourier.com	heraldcourier.com
9	resources.infolinks.com	cmp.osano.com resources.infolinks.com
9	www.google-analytics.com	cmp.osano.com www.googletagmanager.com www.google-analytics.com
6	cdn.segment.com	cmp.osano.com cdn.segment.com
6	www.googletagmanager.com	heraldcourier.com cmp.osano.com
6	tagan.adlightning.com	heraldcourier.com cmp.osano.com tagan.adlightning.com
6	cmp.osano.com	heraldcourier.com cmp.osano.com
5	rt3006.infolinks.com	resources.infolinks.com cmp.osano.com
5	conduit.redfast.com	36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com
4	www.facebook.com	heraldcourier.com
4	tpc.googlesyndication.com	1 redirects heraldcourier.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	router.infolinks.com	resources.infolinks.com cmp.osano.com
3	cdn-ima.33across.com	cmp.osano.com
3	c.amazon-adsystem.com	heraldcourier.com cmp.osano.com c.amazon-adsystem.com
2	google-bidout-d.openx.net	1 redirects cmp.osano.com
2	s.amazon-adsystem.com	1 redirects cmp.osano.com
2	sync.intentiq.com	1 redirects heraldcourier.com
2	www.i.matheranalytics.com	heraldcourier.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	rp.liadm.com	1 redirects heraldcourier.com
2	lexicon.33across.com	cdn-ima.33across.com
2	connect.facebook.net	cmp.osano.com
2	js.matheranalytics.com	1 redirects heraldcourier.com
2	tags.crwdcntrl.net	cmp.osano.com
2	36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com	cmp.osano.com
2	tag.simpli.fi	cmp.osano.com
2	consent.api.osano.com	cmp.osano.com
2	www.gstatic.com	heraldcourier.com
2	bloximages.chicago2.vip.townnews.com	heraldcourier.com
1	ampcid.google.ca	www.google-analytics.com
1	idx.liadm.com	d-code.liadm.com
1	www.google.com	tpc.googlesyndication.com
1	api.segment.io	cdn.segment.com
1	sli.heraldcourier.com	heraldcourier.com
1	i.liadm.com	cmp.osano.com
1	imasdk.googleapis.com	cmp.osano.com
1	d-code.liadm.com	cmp.osano.com
1	api.intentiq.com	resources.infolinks.com
1	p1.parsely.com	heraldcourier.com
1	cdn.parsely.com	cmp.osano.com
1	postrelease.com	tagan.adlightning.com
1	gum.criteo.com	cmp.osano.com
1	cdn.id5-sync.com	cmp.osano.com
1	cdn.hadronid.net	cmp.osano.com
1	secure.cdn.fastclick.net	cmp.osano.com
1	ampcid.google.com	www.google-analytics.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	cmp.osano.com
1	b-code.liadm.com	cmp.osano.com
1	s.ntv.io	tagan.adlightning.com
1	cdnjs.cloudflare.com	cmp.osano.com
1	5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com	cmp.osano.com
1	oa.openxcdn.net	cmp.osano.com
1	static.criteo.net	cmp.osano.com
1	elb.the-ozone-project.com	bloximages.newyork1.vip.townnews.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	insight.adsrvr.org	1 redirects
1	www.heraldcourier.com	1 redirects
1	www.bristolnews.com	1 redirects
0	oajs.openx.net Failed	oa.openxcdn.net
0	jadserve.postrelease.com Failed	tagan.adlightning.com
225	66

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
subscriberservicesdsi.lee.net
heraldcourier.obituaries.com
www.stringr.com
heraldcourier.column.us
go.brandavestudios.com
www.google.com
swvatoday.com
us59.dayforcehcm.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
heraldcourier.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.api.osano.com Amazon RSA 2048 M03	`2023-09-27` - `2024-10-25`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.redfastlabs.com Amazon RSA 2048 M03	`2024-07-06` - `2025-08-03`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net WR3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
infolinks.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
id5-sync.com E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-21` - `2024-07-20`	3 months	crt.sh
lexicon.33across.com WR3	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
redfast.com Amazon RSA 2048 M02	`2023-12-05` - `2025-01-02`	a year	crt.sh
id.hadron.ad.gt E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
the-ozone-project.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
sli.leetemplates.com R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.ca WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://heraldcourier.com/
Frame ID: 66291E68F577CB1F4D15E3CB6D324970
Requests: 180 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: DF0FE584B06F897F1E60D1526F8226F8
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 7EB70E800C7A2399FCAD7B6498E8F6CC
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 160A771AE6C498D30099FA358B9F3FE5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E38506EF8EB414164204C06C17CACF26
Requests: 1 HTTP requests in this frame

Frame: https://5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B30FE790B47FDD362B29CAE5D84F976A
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Frame ID: 8DCA52B00072746D8BED837AE3A0F010
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Frame ID: C3D08F45869025D8975B20B14E5ED7F2
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Frame ID: 448555FA91A1A2C194C6DDAD221980DA
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=heraldcourier.com&gdpr=0&gdpr_consent=&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5
Frame ID: D0D9ECCB2A6FAAEE4495CDB6AAC192D1
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2F
Frame ID: 5E6809B1809B78F894B52B173A9BDED6
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: D6548FC957D2FC4CF4C7AD4B87532744
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: CFE2C4319594C01A7D7ECFC10354E09A
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&euns=0&s=&us_privacy=1---&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&version=v2.14.3&cd=.heraldcourier.com
Frame ID: A09FE8830F59A27F3BD659D04FACF065
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 134609DA1B6CBBB142570F1B6F649751
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Frame ID: 1397DD3638D83CDCF9C83A7599A75C69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=3&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751417937&pi=t.ma~as.2794737922&w=728&abgtt=1&rdp=false&format=728x90&url=https%3A%2F%2Fheraldcourier.com%2F&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720874145593&bpp=5&bdt=177&idt=312&shv=r20240709&mjsv=m202407110101&ptt=9&saldr=aa&correlator=8184874838080&frm=23&ife=1&pv=2&ga_vid=351378721.1720874146&ga_sid=1720874146&ga_hid=547870303&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334510%2C95334524%2C95334829%2C31085242%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3217362809498527&tmod=795319980&uas=0&nvt=1&loc=https%3A%2F%2Fheraldcourier.com%2F&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.6fg7szvr32li&fsb=1&dtd=355
Frame ID: 2D46BA2BBD13C73A17AC0D4EDF9EB230
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=3&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&client=ca-pub-6373315980741255&output=html&adk=1812271804&adf=480832066&abgtt=1&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&rdp=false&format=0x0&url=https%3A%2F%2Fheraldcourier.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~29_11~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720874145593&bpp=2&bdt=178&idt=321&shv=r20240709&mjsv=m202407110101&ptt=9&saldr=aa&prev_fmts=728x90&nras=1&correlator=8184874838080&frm=23&ife=1&pv=1&ga_vid=351378721.1720874146&ga_sid=1720874146&ga_hid=547870303&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334510%2C95334524%2C95334829%2C31085242%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3217362809498527&tmod=795319980&uas=0&nvt=1&fsapi=1&loc=https%3A%2F%2Fheraldcourier.com%2F&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.vdest8x89yd3&fsb=1&dtd=358
Frame ID: 8AA966EA682557339A7B777E974FE09F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED111C57B81FAF5952470D6815E7A920
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9056DCD3D4F8B64E361720CFECDF71FB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: 2CB53C2CBC3653B2050D8BA4ED4AB283
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 4730F1A478478B6684DDFAB47586B928
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bristol Herald Courier | Breaking News | Read Bristol, VA and Virginia breaking news. Get latest news, events and information on Virginia sports, weather, entertainment and lifestyles

Page URL History Show full URLs

http://www.bristolnews.com// HTTP 307
https://www.bristolnews.com// HTTP 301
https://www.heraldcourier.com/ HTTP 301
https://heraldcourier.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

225
Requests

86 %
HTTPS

0 %
IPv6

42
Domains

66
Subdomains

61
IPs

2
Countries

3359 kB
Transfer

11526 kB
Size

166
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsts-gmZFBFJ1qrJ6wsTmOpXyZuGV8HZQuO2gGFjKIEbZwddFIDxPxFAeV-rGlEUU4vG9Mya_CozijsOUk9sjocjgC7CNim-KCPJ89b2L-ZR4oU6q8e5m9QGxL9Kyx0T5UF-b5i5OO_2KBe-5H4_Mogz9ShNiMkbElMAdbykoVej2aEe_M33xY_Nz5SR-HNtPIw2H3bOedZSIPLtxrYr_U8z5fuf4lFtdm5TcpujTaLPHl89d2FvZrTURv8_kNLGZJVbPHSHlyg04IEMbkObDUj6gkKYiZDGiBfaxMIQ5uFUtwuVm7ZtjvI3nFF6UEZoimPv02kGWJSJjdc0y1npVPUYlci2PBVutzXRDdvoV8adHYZedYCr%2526sai%253DAMfl-YQXPTqcBo59YysQ4zfcDXy0wIHR-VNHN47YCH5MLvuU2oUS7P678z8QGn9RwNewCHRtpKhllW_foqvYnjP0L-JBY8OxMi2vsjesHFH4Rqzb9cWMjwRlR4HOCDP5Efe6DGs6Jp_1RXYS0pI4i-1EgGra%2526sig%253DCg0ArKJSzE1wqO8-pDD5EAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps://www.firestonecompleteautocare.com/

Search URL Search Domain Scan URL

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=heraldcourier.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fheraldcourier.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 6 months

Search URL Search Domain Scan URL

URL: https://heraldcourier.obituaries.com/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=heraldcourier
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlFFejdUIVF
Title: Share video

Search URL Search Domain Scan URL

URL: https://heraldcourier.column.us/search
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=heraldcourier.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://go.brandavestudios.com/BAChecklist
Title: Big Auto Accident Attorneys

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//5162%20VALLEYPOINTE%20PARKWAY%2BROANOKE%2BVA%2B24019
Title: 5162 VALLEYPOINTE PARKWAY, ROANOKE, VA 24019

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//239%20FRANKLIN%20LN%2BELIZABETHTON%2BTN%2B37643
Title: 239 FRANKLIN LN, ELIZABETHTON, TN 37643

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//78%20ABBIE%20LANE%2BBRISTOL%2BTN%2B37620
Title: 78 ABBIE LANE, BRISTOL, TN 37620

Search URL Search Domain Scan URL

URL: https://swvatoday.com/
Title: SWVA Today

Search URL Search Domain Scan URL

URL: https://us59.dayforcehcm.com/CandidatePortal/en-US/leeenterprises/SITE/CANDIDATEPORTAL
Title: Join Our Team

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bristolnews.com// HTTP 307
https://www.bristolnews.com// HTTP 301
https://www.heraldcourier.com/ HTTP 301
https://heraldcourier.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 94

https://js.matheranalytics.com/s/ma1527/725149306/lee/ml.js?cb=1660 HTTP 301
https://js.matheranalytics.com/static/ltm/ma1527/lee/6/ml.br.js

Request Chain 105

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODrlLrJJxABGAEyCLk7K10w3IA- HTTP 301
https://tpc.googlesyndication.com/simgad/1468822993788261277

Request Chain 146

https://rp.liadm.com/j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f93f94876&us_privacy=1---&wpn=lc-bundle&gdpr=0&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&cd=.heraldcourier.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgdGhlIGxhdGVzdCBCcmlzdG9sLCBWQSBuZXdzLiBHZXQgdGhlIGxhdGVzdCBvbiBldmVudHMsIHNwb3J0cywgd2VhdGhlciwgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlcyBhbmQgbW9yZS4iPjx0aXRsZT5CcmlzdG9sIEhlcmFsZCBDb3VyaWVyIHwgQnJlYWtpbmcgTmV3cyB8IFJlYWQgQnJpc3RvbCwgVkEgYW5kIFZpcmdpbmlhIGJyZWFraW5nIG5ld3MuIEdldCBsYXRlc3QgbmV3cywgZXZlbnRzIGFuZCBpbmZvcm1hdGlvbiBvbiBWaXJnaW5pYSBzcG9ydHMsIHdlYXRoZXIsIGVudGVydGFpbm1lbnQgYW5kIGxpZmVzdHlsZXM8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tLyI-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTEiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0yIj5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTMiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS00Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTUiPlZpZGVvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtNiI-VmlkZW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS03Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTgiPkF1ZGlvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtOSI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMCI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMSI-QXVkaW88L3RpdGxlPg HTTP 302
https://rp.liadm.com/j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f93f94876&us_privacy=1---&wpn=lc-bundle&gdpr=0&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&cd=.heraldcourier.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgdGhlIGxhdGVzdCBCcmlzdG9sLCBWQSBuZXdzLiBHZXQgdGhlIGxhdGVzdCBvbiBldmVudHMsIHNwb3J0cywgd2VhdGhlciwgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlcyBhbmQgbW9yZS4iPjx0aXRsZT5CcmlzdG9sIEhlcmFsZCBDb3VyaWVyIHwgQnJlYWtpbmcgTmV3cyB8IFJlYWQgQnJpc3RvbCwgVkEgYW5kIFZpcmdpbmlhIGJyZWFraW5nIG5ld3MuIEdldCBsYXRlc3QgbmV3cywgZXZlbnRzIGFuZCBpbmZvcm1hdGlvbiBvbiBWaXJnaW5pYSBzcG9ydHMsIHdlYXRoZXIsIGVudGVydGFpbm1lbnQgYW5kIGxpZmVzdHlsZXM8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tLyI-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTEiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0yIj5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTMiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS00Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTUiPlZpZGVvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtNiI-VmlkZW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS03Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTgiPkF1ZGlvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtOSI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMCI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMSI-QXVkaW88L3RpdGxlPg&n3pc=true

Request Chain 167

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrnd=110_1720874143275&fbp=2505576691&jsver=5.36&abtp=100&abtg=A HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrnd=110_1720874143275&fbp=2505576691&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=fYzo5BLKrA&nc=false&trid=-1699695500

Request Chain 222

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift_n-Outbrain HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift_n-Outbrain&dcc=t

Request Chain 223

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

225 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heraldcourier.com/
Redirect Chain

http://www.bristolnews.com//
https://www.bristolnews.com//
https://www.heraldcourier.com/
https://heraldcourier.com/

543 KB
65 KB

37ms
36ms

Document
text/html

192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

ffb4f98cfb15bbdb4c1b6412baa6a661a0d5ff356f52866f88870bf05850380d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 964
cache-control: public, max-age=10
content-encoding: gzip
content-length: 63920
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 13 Jul 2024 12:19:34 GMT
etag: W/373185e7713bf3fb1bc38345dc4349ba
last-modified: Sat, 13 Jul 2024 12:19:32 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.78.3; app6; 1.61s; 6M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://heraldcourier.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

age: 72
cache-control: public, max-age=300
content-encoding: gzip
content-length: 1465
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 13 Jul 2024 12:34:26 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: https://heraldcourier.com/
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.78.3; app15; 0.02s; 1.1M
x-vcache: HIT
x-xrds-location: https://heraldcourier.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 160ms
59ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 216270
cross-origin-resource-policy: cross-origin
content-length: 38456
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068aba0ac39-YYZ
expires: Thu, 13 Mar 2025 19:25:40 GMT

GET
H2 200 user.js Show response
heraldcourier.com/shared-content/art/tncms/user/ 3 KB
2 KB 58ms
56ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:33:49 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 13:35:23 GMT
x-vcache: HIT
age: 109
etag: W/"667d6a9b-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 157ms
57ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5359029
cross-origin-resource-policy: cross-origin
content-length: 12719
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068aba3ac39-YYZ
expires: Thu, 13 Mar 2025 19:25:40 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 158ms
58ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5359029
cross-origin-resource-policy: cross-origin
content-length: 14189
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068ab9eac39-YYZ
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 157ms
58ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5246393
cross-origin-resource-policy: cross-origin
content-length: 4260
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068ab9dac39-YYZ
expires: Thu, 13 Mar 2025 18:03:32 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 155ms
56ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5297648
cross-origin-resource-policy: cross-origin
content-length: 1590
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b8eac39-YYZ
expires: Thu, 13 Mar 2025 16:50:23 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 157ms
59ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 11729919
cross-origin-resource-policy: cross-origin
content-length: 910
last-modified: Tue, 28 Nov 2023 17:50:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6566284d-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068aba2ac39-YYZ
expires: Sat, 30 Nov 2024 09:19:24 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 133ms
34ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 100076
cross-origin-resource-policy: cross-origin
content-length: 21439
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66920-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b8aac39-YYZ
expires: Thu, 13 Mar 2025 16:50:22 GMT

GET
H2 200 layout.d9bf9fa5b377514df7224a864456e96d.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
33 KB 130ms
32ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.d9bf9fa5b377514df7224a864456e96d.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 4550346
cross-origin-resource-policy: cross-origin
content-length: 34092
last-modified: Thu, 16 May 2024 12:56:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66460270-266b1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b88ac39-YYZ
expires: Wed, 21 May 2025 19:01:41 GMT

GET
H2 200 lee.ds.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
20 KB 133ms
35ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1719900005

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 973624
cross-origin-resource-policy: cross-origin
content-length: 20642
last-modified: Tue, 02 Jul 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66839765-18651"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b87ac39-YYZ
expires: Wed, 02 Jul 2025 06:05:17 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 129ms
31ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 11717560
cross-origin-resource-policy: cross-origin
content-length: 1979
last-modified: Tue, 28 Nov 2023 17:50:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65662850-183e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b86ac39-YYZ
expires: Sat, 30 Nov 2024 08:37:43 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 75ms
60ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 216181
cross-origin-resource-policy: cross-origin
content-length: 1376
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-12c4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b89ac39-YYZ
expires: Thu, 13 Mar 2025 16:50:41 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 408 KB
87 KB 775ms
365ms Script
application/javascript 108.138.85.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-31.iad12.r.cloudfront.net

Software

CloudFront /

Resource Hash

e1516994e225310f58d83644b803fe98b3f5e085c86f746dc70b89db11bfabf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: br
via: 1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88524
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jul 2024 21:47:38 GMT
server: CloudFront
etag: "aa4081ec505c7c54e71639a1df60af1c"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: T3lPIhIAuIQueu9LQZtn-vgFoTuq4n0q_oBWxe8PX5EMG-x_NG5rVw==

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
heraldcourier.com/shared-content/art/tncms/api/ 70 KB
29 KB 42ms
36ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer: https://heraldcourier.com/
Origin: https://heraldcourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:31:55 GMT
content-encoding: gzip
last-modified: Sun, 07 Jul 2024 17:49:04 GMT
x-vcache: HIT
age: 223
etag: W/"668ad510-1164b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29242
service-worker-allowed: /

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
77 KB 142ms
48ms Script
application/javascript 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:49:19 GMT
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 fbc610cefe909c4febc0d681ddbb9a44.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:14 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD55-P2
age: 2781
x-amz-server-side-encryption: AES256
etag: W/"ba6b386e5d42265c831a1ba06f75f187"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _edkrMpBIx4Mw6KwXjrK3TQ5F1dPZSEQagWlBzLNkezLi0YkAvWExw==

GET
H2 200 heraldcourier.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 998 B
614 B 113ms
58ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/heraldcourier.com.v2.js?_dc=1720873172

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2da05efa253df31f6689aae783a930ddcdd96286a96cc6aea528f6e3b9365cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-length: 469
last-modified: Sat, 13 Jul 2024 05:01:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66920a38-3e6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068dbbdac39-YYZ
expires: Sun, 13 Jul 2025 12:22:15 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 41 KB
13 KB 61ms
54ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1936442
cross-origin-resource-policy: cross-origin
content-length: 12674
last-modified: Wed, 21 Feb 2024 21:20:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66923-a55f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b8cac39-YYZ
expires: Thu, 13 Mar 2025 16:50:43 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
2 KB 32ms
32ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5246381
cross-origin-resource-policy: cross-origin
content-length: 1322
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-dbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506a4cc3ac39-YYZ
expires: Thu, 13 Mar 2025 15:35:30 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 32ms
31ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5297649
cross-origin-resource-policy: cross-origin
content-length: 2388
last-modified: Wed, 13 Mar 2024 21:59:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65f221da-1baf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506a8cdeac39-YYZ
expires: Mon, 24 Mar 2025 05:29:58 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 378ms
43ms Script
text/javascript 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 20:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Jul 2025 20:51:02 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 44ms
44ms Script
text/javascript 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 06:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Jul 2025 06:13:07 GMT

GET
H2 200 messaging.js Show response
heraldcourier.com/shared-content/art/tncms/api/ 2 KB
1 KB 36ms
36ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:34:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 13:35:23 GMT
x-vcache: HIT
age: 96
etag: W/"667d6a9b-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
287 B 63ms
56ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 11720076
cross-origin-resource-policy: cross-origin
content-length: 176
last-modified: Tue, 28 Nov 2023 17:50:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65662850-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950688b8dac39-YYZ
expires: Fri, 29 Nov 2024 11:24:49 GMT

GET
H2 200 tracking.js Show response
heraldcourier.com/shared-content/art/tncms/ 3 KB
1 KB 41ms
37ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:32:43 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 13:35:23 GMT
x-vcache: HIT
age: 175
etag: W/"667d6a9b-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 prebid8.39.0.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 260 KB
92 KB 64ms
58ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid8.39.0.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2007901
cross-origin-resource-policy: cross-origin
content-length: 94346
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-40e18"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068aba1ac39-YYZ
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 lee.common.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 66ms
60ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1719900005

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 216267
cross-origin-resource-policy: cross-origin
content-length: 3556
last-modified: Tue, 02 Jul 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"66839765-2c45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068ab9cac39-YYZ
expires: Thu, 03 Jul 2025 11:52:16 GMT

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
110 KB 31ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9867914
cross-origin-resource-policy: cross-origin
content-length: 112383
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506daeccac39-YYZ
expires: Thu, 13 Mar 2025 16:50:23 GMT

GET
H2 200 tracker.js Show response
heraldcourier.com/shared-content/art/stats/common/ 9 KB
3 KB 42ms
39ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/shared-content/art/stats/common/tracker.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:32:43 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2024 20:00:11 GMT
x-vcache: HIT
age: 175
etag: W/"66159e4b-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 e0d66240-6be2-11ec-a380-ff649233b50f.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/ 4 KB
4 KB 68ms
65ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/e0d66240-6be2-11ec-a380-ff649233b50f.png

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 11720808
cf-polished: origFmt=png, origSize=5857
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="e0d66240-6be2-11ec-a380-ff649233b50f.webp"
content-length: 4166
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Jan 2022 15:44:32 GMT
server: cloudflare
x-vcache: MISS
etag: "61d1c860-16e1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068cbb6ac39-YYZ
expires: Thu, 09 Jan 2025 18:33:56 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 31ms
30ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 5229584
cf-polished: origFmt=png, origSize=3610
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506dbed6ac39-YYZ
expires: Fri, 02 May 2025 20:36:13 GMT

GET
H2 200 newsplus_white.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 67ms
65ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1719900005

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 959620
cf-polished: origFmt=png, origSize=8454
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="newsplus_white.webp"
content-length: 4248
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 06:00:05 GMT
server: cloudflare
x-vcache: MISS
etag: "66839765-2106"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295068cbb7ac39-YYZ
expires: Wed, 02 Jul 2025 06:05:18 GMT

GET
H2 200 logo-tagline.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 33ms
32ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1719900005

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 959620
cf-polished: origFmt=png, origSize=10949
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="logo-tagline.webp"
content-length: 5302
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 06:00:05 GMT
server: cloudflare
x-vcache: MISS
etag: "66839765-2ac5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950693c07ac39-YYZ
expires: Wed, 02 Jul 2025 06:05:18 GMT

GET
H2 200 syd-logo.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ 3 KB
3 KB 32ms
32ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/syd-logo.png?_dc=24.07.13.08

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45782508a28c1f03ebbfd53a3f172c85e77877a18b612b6dd23819cdc35dc54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1951
cf-polished: origFmt=png, origSize=5232
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="syd-logo.webp"
content-length: 2988
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Sep 2020 18:46:10 GMT
server: cloudflare
x-vcache: MISS
etag: "5f7380f2-1470"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506e7f9bac39-YYZ
expires: Sun, 13 Jul 2025 12:00:05 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 15 KB
7 KB 166ms
37ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 092bbd7d5b73049f15027917d9c91c79784d4c47257a868b9fba05d7ea0ede20

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:29:44 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: V.e_czR8IDZbVYb.bSd1lhKFMaRta8DL
x-amz-cf-pop: JFK52-P3
age: 356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6682
x-amz-meta-git_commit: 904ac2d
last-modified: Fri, 12 Jul 2024 12:32:23 GMT
server: AmazonS3
etag: "953161988ba597a5eda2236a8326c9bf"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: B8PD-s04ZLEq4Xsp_qXzmGn0i1LKEYB2dsgC52nXrrM1_2hDy5iVpQ==

GET
H2 200 heraldcourier.com.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 1 KB
463 B 33ms
32ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/heraldcourier.com.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2007900
cross-origin-resource-policy: cross-origin
content-length: 375
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-5b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a2950697c3cac39-YYZ
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 dfp.lazy.ozone.js Show response
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 19 KB
5 KB 34ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.ozone.js?_dc=1718863205

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84963e11878bfa08c3870cefd95e4887eb4fa821b97ff1bb14f7a76a793d5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2007901
cross-origin-resource-policy: cross-origin
content-length: 5213
last-modified: Thu, 20 Jun 2024 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6673c565-4ab8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295069ac5bac39-YYZ
expires: Fri, 20 Jun 2025 06:06:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
86 KB 553ms
56ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

23b818c0a04ba607bda3fd289f22edc2079cb8166010be3e90c52f39ae51bfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87552
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 12:35:40 GMT

GET
BLOB 200
OK 36952ab8-1c1d-460a-b133-8d0a135105bc
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/36952ab8-1c1d-460a-b133-8d0a135105bc
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 526ms
429ms Script
text/javascript 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

9f68267a658666b4d4376e5849b57229314e917fb9c266ccea0852fcf333e265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32110
x-xss-protection: 0
server: cafe
etag: 610 / 19917 / m202407090101 / config-hash: 1273856019300616712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 12:35:40 GMT

GET
H2 200 tracker.gif
heraldcourier.com/shared-content/art/stats/common/ 0
145 B 36ms
36ms Image
image/gif 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldcourier.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=17208741400708080160012001238729662923&tnms_dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&tnms_upage=1&tnms_do=heraldcourier.com&tnms_uri=/&tnms_ref=&rt=1720874140071
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 556 KB
140 KB 548ms
99ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6c99489b319b437a61fc68c8239e83a67515a7f3e86929bd3253ca29bbd31732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143564
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 12:35:40 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 343ms
35ms Font
application/font-woff2 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1719900005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1719900005
Origin: https://heraldcourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 5683289
cross-origin-resource-policy: cross-origin
content-length: 26164
last-modified: Tue, 12 Mar 2024 18:40:49 GMT
x-vcache: MISS
server: cloudflare
etag: "65f0a1b1-6634"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295071da91aa9c-YYZ
expires: Thu, 13 Mar 2025 18:01:49 GMT

GET
H2 200 66917b4bcb82b.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/1b/61be7ad2-407f-11ef-be5a-bfa137628ac8/ 13 KB
13 KB 79ms
76ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/6/1b/61be7ad2-407f-11ef-be5a-bfa137628ac8/66917b4bcb82b.image.jpg?crop=858%2C483%2C0%2C298&resize=750%2C422&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ac3340e2709533e067e362cc21cbe323f9e77905a4377b6ec67ea7711db6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=21111
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66917b4bcb82b.webp"
content-length: 13446
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 18:51:55 GMT
server: cloudflare
x-vcache: MISS
etag: "62824620c2c6f38ac4151e0ee9d30cf2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506fe8b0ac39-YYZ
expires: Sun, 13 Jul 2025 08:21:01 GMT

GET
H2 200 65134ea658089.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/00/a004cabc-5cb4-11ee-aaaf-53097b87f5e5/ 3 KB
3 KB 75ms
73ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/a/00/a004cabc-5cb4-11ee-aaaf-53097b87f5e5/65134ea658089.image.png?crop=475%2C267%2C0%2C103&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2a7ea474bb545e729268b4086e221ac3d92bef399d0dcf5c57ae843378e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6026
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65134ea658089.webp"
content-length: 3082
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Sep 2023 21:35:34 GMT
server: cloudflare
x-vcache: MISS
etag: "e7d17f24b6058a028fbfe32e14d685af"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506fe8b1ac39-YYZ
expires: Fri, 11 Jul 2025 14:42:53 GMT

GET
H2 200 63e800ca9a281.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/7/e9/7e911ea4-3a39-11ef-9189-2f147f0bcabc/ 9 KB
9 KB 49ms
47ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/7/e9/7e911ea4-3a39-11ef-9189-2f147f0bcabc/63e800ca9a281.image.jpg?crop=475%2C267%2C0%2C201&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacc85b8852ba94518a0ae128c6b1fb5d67ebb058eb405ab051465ea3bc0081a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=9440, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 8902
cf-bgj: imgq:85,h2pri
last-modified: Thu, 04 Jul 2024 19:13:28 GMT
server: cloudflare
x-vcache: MISS
etag: "9d73cc2f2e28ca81b0a48781386ca74e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506ff8b2ac39-YYZ
expires: Sun, 06 Jul 2025 11:44:53 GMT

GET
H2 200 50d4712be21df.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/c/34/c3413b8d-b9f3-5c8b-8aa4-2cdac4ff5ecb/ 3 KB
3 KB 77ms
75ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/c/34/c3413b8d-b9f3-5c8b-8aa4-2cdac4ff5ecb/50d4712be21df.image.jpg?crop=133%2C75%2C0%2C62&resize=133%2C75&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56e123c58ef432205f90e32680de69bf58545e1c2e4c52adafe3840ab56468d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3448
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="50d4712be21df.webp"
content-length: 2598
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Dec 2012 14:24:44 GMT
server: cloudflare
x-vcache: MISS
etag: "18bd84320ef7105d00777c7fad3accaa"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506ff8b3ac39-YYZ
expires: Sun, 13 Jul 2025 06:08:27 GMT

GET
H2 200 5b811a05a7eae.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/e/ca/ecacefcc-a844-11e8-b7a6-9f8e82b5ffdf/ 8 KB
8 KB 77ms
76ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/e/ca/ecacefcc-a844-11e8-b7a6-9f8e82b5ffdf/5b811a05a7eae.image.jpg?crop=680%2C383%2C256%2C432&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c8a46b4771d78ee740a13b4e09815517b4c4660de0e28e3fb1e8ad7ed3b2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=8304
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="5b811a05a7eae.webp"
content-length: 7734
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Aug 2018 08:57:42 GMT
server: cloudflare
x-vcache: MISS
etag: "82dabe781dfe036c7f26b19c526ede54"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a29506ff8b4ac39-YYZ
expires: Sun, 13 Jul 2025 06:13:27 GMT

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ 71 KB
26 KB 42ms
42ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:14:33 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: JFK52-P3
age: 303668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uQmUjZQFMC0CZ56SVpdiSz5koY_KuWHFcX2zQiJFj3lWGUYiZHOMkQ==

GET
H2 200 bl-efd1047-95b4fdc8.js Show response
tagan.adlightning.com/leeenterprises/ 136 KB
56 KB 71ms
71ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-efd1047-95b4fdc8.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5d186c4e6175d67113dc2e279617769875fb6cf3ac0ec723f5e415c6776b392

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:51:49 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: G8_ykcuz8ac5qp9Fg96FehQ11Xwrs4dq
x-amz-cf-pop: JFK52-P3
age: 85432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 57152
x-amz-meta-git_commit: efd1047
last-modified: Fri, 12 Jul 2024 12:32:07 GMT
server: AmazonS3
etag: "51a7b0dc57d0e63d9db44351091b3779"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Y-JUDYkMdFn4p6TnzdgzW4v9xiPaJeQCSf40kRHDIa3iY7std03sLg==

GET
H2 200 /
cmp.osano.com/ Frame DF0F 0
0 121ms
40ms Document
text/html 108.138.85.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-55.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 14291
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sat, 13 Jul 2024 08:37:30 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 4685cae701bd588fa0176a1c8b1e52f4.cloudfront.net (CloudFront)
x-amz-cf-id: z_7fI0tDaMs9FoFsfz0vhRb38FX7cKk-Jf7dkww3gnvpMJh__8XbXw==
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 99 KB
24 KB 48ms
45ms Script
application/javascript 108.138.85.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-31.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4dc6cd117dd4b9bbe01efb494c3608a4e7f13d8d2b2dc17ffc842e130ddec082

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:48:12 GMT
x-amz-version-id: BQt1zEEpbMt1nxK6U9O8NPzt.uZ7PMsl
content-encoding: br
x-content-type-options: nosniff
via: 1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P2
age: 53249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jul 2024 21:47:38 GMT
server: AmazonS3
etag: W/"93f72921fad68a062c4b24fe2617d617"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: vwPPguYr2KHzBZChgE_9Vx0l60TvNEhqiXlI6to13T3SzMXUx-YB3g==

GET
H3 200 en-ca.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 28 KB
9 KB 44ms
43ms XHR
application/json 108.138.85.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/en-ca.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.85.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-31.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8ad0451663eeb881d08bdaa3b843b013db8bc6e769eee80d5dcdaa9ddefd943

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Fri, 12 Jul 2024 21:53:37 GMT
x-content-type-options: nosniff
x-amz-version-id: keRkN.Wd7lx50nk8xZKVA7R1Ckk7d.7m
content-encoding: br
via: 1.1 70b043d52df382dd62760368de89949e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
age: 52924
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jul 2024 21:47:38 GMT
server: AmazonS3
etag: W/"6e62ac6749de5e7b13331378d1d3a1e1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: yT0XpzF2Hj6AVmoG9Q02LC8SXLuIImZqIS2kde-aYhI6aWKB3EOhDg==

OPTIONS
H3 200 en-ca.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 271ms
51ms Preflight 108.138.85.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/en-ca.json

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.85.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-31.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 13 Jul 2024 12:35:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 70b043d52df382dd62760368de89949e.cloudfront.net (CloudFront)
x-amz-cf-id: 8i2jhynXxLT2lz_jpiM11_PesdjIZVxHZvSLa3jwKQeQjUKtcC8Hig==
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 122e81fa-0366-4933-8b65-66b88bfe3e14
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/122e81fa-0366-4933-8b65-66b88bfe3e14
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 5d0b85013e5f4.image.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/9/75/97577d1c-d665-11ee-a3b4-371a45b20682/ 3 KB
3 KB 52ms
50ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/9/75/97577d1c-d665-11ee-a3b4-371a45b20682/5d0b85013e5f4.image.png?crop=475%2C267%2C0%2C103&resize=300%2C169&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2a7ea474bb545e729268b4086e221ac3d92bef399d0dcf5c57ae843378e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6026
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="5d0b85013e5f4.webp"
content-length: 3082
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 18:17:11 GMT
server: cloudflare
x-vcache: MISS
etag: "7a751edc1c9c2349aab7a4db30f2978b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295072db85ac39-YYZ
expires: Sat, 12 Jul 2025 13:12:33 GMT

GET
H2 200 63ed58aeb184b.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/8/f3/8f33b766-ad7d-11ed-bc46-bf2aa1866aff/ 18 KB
19 KB 54ms
52ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/8/f3/8f33b766-ad7d-11ed-bc46-bf2aa1866aff/63ed58aeb184b.image.jpg?crop=1369%2C770%2C0%2C118&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e040a8d3f83cfa2c8f0aa3a256c7340cc166322a1f3c3819426aba6acc84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=19591, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 18743
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Feb 2023 22:11:58 GMT
server: cloudflare
x-vcache: MISS
etag: "9ee21b51f55103b667b93f408e18e015"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295072eb86ac39-YYZ
expires: Sat, 12 Jul 2025 10:05:47 GMT

GET
H2 200 66919ddccadb0.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/30/230f4870-4002-11ef-bd1e-9346d51e0913/ 20 KB
20 KB 52ms
51ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/30/230f4870-4002-11ef-bd1e-9346d51e0913/66919ddccadb0.preview.jpg?crop=1024%2C576%2C0%2C96&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f86f7ceae6779ac38e1a7afa8a63ab2a2c34a41ce21389afd17d9cbbf167269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=21419, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 20253
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 21:19:24 GMT
server: cloudflare
x-vcache: MISS
etag: "d8a7f29ddceb41a61b1a8d9edd7e9f11"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295072eb87ac39-YYZ
expires: Sat, 12 Jul 2025 23:34:39 GMT

GET
H2 200 6691a11bc631f.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/d7/dd7947ae-c47f-5186-a705-849168536a03/ 8 KB
8 KB 50ms
50ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/d/d7/dd7947ae-c47f-5186-a705-849168536a03/6691a11bc631f.preview.jpg?crop=1197%2C673%2C3%2C101&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88ab89238763b0544c7baaf6c3972b810f290ed7d861884ebf08b4a6076df46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=10310
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6691a11bc631f.webp"
content-length: 7900
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 21:33:18 GMT
server: cloudflare
x-vcache: MISS
etag: "29bd182014e75e05c734439757f6cbe7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295072eb88ac39-YYZ
expires: Sat, 12 Jul 2025 21:43:57 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/ 467 KB
146 KB 49ms
48ms Script
text/javascript 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

e26560ac1cafd1b40a57a9752030456e204533d0a9de82d86988baa5c7392b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 15:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77656
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149005
x-xss-protection: 0
server: cafe
etag: 9149364935077818280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Jul 2025 15:01:24 GMT

GET
H2 200 /
cmp.osano.com/ Frame 7EB7 0
0 2ms
1ms Document
text/html 108.138.85.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-55.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 14291
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sat, 13 Jul 2024 08:37:30 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 4685cae701bd588fa0176a1c8b1e52f4.cloudfront.net (CloudFront)
x-amz-cf-id: z_7fI0tDaMs9FoFsfz0vhRb38FX7cKk-Jf7dkww3gnvpMJh__8XbXw==
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
0 0ms
0ms Script
application/javascript 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:49:19 GMT
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 fbc610cefe909c4febc0d681ddbb9a44.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:14 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD55-P2
age: 2781
x-amz-server-side-encryption: AES256
etag: W/"ba6b386e5d42265c831a1ba06f75f187"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _edkrMpBIx4Mw6KwXjrK3TQ5F1dPZSEQagWlBzLNkezLi0YkAvWExw==

POST
H2 204 record Show response
consent.api.osano.com/ 0
438 B 121ms
119ms XHR
text/plain 99.86.229.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-88.iad79.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
via: 1.1 c93cdf0926e57254c4cc150bcbedb97c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
x-amzn-trace-id: Root=1-6692749c-1278512a64a17ba132114f49
x-amzn-requestid: 746256af-6477-4e6f-8d8b-46b64523fe8b
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id: a2cokEoYoAMERBA=
x-amz-cf-id: HwccqTQVtmIWWtkGYgZP1CIoELnyZ2mmUuhk4qW0O2WaemoRFLgTQQ==

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 148ms
44ms Preflight
application/json 99.86.229.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-88.iad79.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 13 Jul 2024 12:35:40 GMT
via: 1.1 c93cdf0926e57254c4cc150bcbedb97c.cloudfront.net (CloudFront)
x-amz-apigw-id: a2cojEproAMEllg=
x-amz-cf-id: RawBt03l-JAkMxQW2JSQPXoX-0HZBO3qfIZ5ypdfiq-V4N4wWgpmnw==
x-amz-cf-pop: IAD79-C3
x-amzn-requestid: 4d3b7cca-1b52-45a0-a4ab-ffba4ccbb5ea
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 160A
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

0
0

418ms
41ms

Document
text/html

18.165.81.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.81.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-81-140.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 83982
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Fri, 12 Jul 2024 13:16:00 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zu-pnbdkyDrMsco_GGiQ-YYJpcq5tkVqWospKQ1JJvzFD-PJpFhRnw==
X-Amz-Cf-Pop: IAD55-P3
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Sat, 13 Jul 2024 12:35:40 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

GET
H2 200 5b5dc540-ca6c-013a-51e3-0cc47a8ffaac Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 142ms
47ms Script
application/javascript 34.86.110.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.110.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:40 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F-HF6eVtcqQ2CaeXuKEE
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bundle.js Show response
36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/ 234 KB
76 KB 415ms
47ms Script
application/javascript 13.32.151.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-80.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55fba8edf4d8a364ee5cef9a2f02a95990853247830e392216684632b131e721

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 850_A5Ef9zrN3t8ayjOHf7.GvAisvCpn
content-encoding: gzip
via: 1.1 7bab52277d6272f1dda6e20e26aba08e.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 12:34:57 GMT
last-modified: Fri, 12 Jul 2024 20:14:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 45
x-amz-server-side-encryption: AES256
etag: W/"3da5f46a5e49387b724f36a6847cb91f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=600
x-amz-cf-id: SjEq3ybfjXmrSt-GJLpvhfE7OYaXRD1yYRTLJ2rEjGREfSzx5okd8A==

GET
H2 200 9044ad82-110c-4c5a-ae3e-7f494f648854 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 144ms
88ms Script
application/javascript 34.86.110.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/9044ad82-110c-4c5a-ae3e-7f494f648854
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.110.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 843804ef63035459aec71aea910682e219c447aa021dd9a1de7f74b811567520

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F-HF6efHY-q7vewWHwWC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 3eb2ad5c-fc11-4406-8c49-6bc08cae7eeb
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/3eb2ad5c-fc11-4406-8c49-6bc08cae7eeb
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 17f55273-7f93-46ff-9d7f-24f5e150fb08
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/17f55273-7f93-46ff-9d7f-24f5e150fb08
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 62d7aa6f-632c-4b8b-a71d-c14422b11b5c
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/62d7aa6f-632c-4b8b-a71d-c14422b11b5c
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 669245e8dc033.preview.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/b7/2b701419-7a53-585f-b4f5-545356ff0368/ 43 KB
43 KB 51ms
50ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/2/b7/2b701419-7a53-585f-b4f5-545356ff0368/669245e8dc033.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=76405
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="669245e8dc033.webp"
cf-bgj: imgq:85,h2pri
last-modified: Sat, 13 Jul 2024 09:16:25 GMT
server: cloudflare
x-vcache: MISS
etag: "2a9ae60f9fcd408d914f478c6c1167d1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8a295074ed19ac39-YYZ
expires: Sun, 13 Jul 2025 09:21:56 GMT

GET
H2 200 6691a11b048f9.image.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/5/b7/5b777cc5-65aa-5f3b-b1b0-1b48881ce102/ 28 KB
29 KB 53ms
53ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/5/b7/5b777cc5-65aa-5f3b-b1b0-1b48881ce102/6691a11b048f9.image.jpg?resize=400%2C225

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c5dd26bf69598cf33c8355942dad58da3038d499725e46db6ca61a425676f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=30975, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 21:33:16 GMT
server: cloudflare
x-vcache: MISS
etag: "c655be3c562f2d3418d3eb19b1f036eb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8a295074ed1bac39-YYZ
expires: Sat, 12 Jul 2025 21:43:57 GMT

GET
H2 200 6690bc0a8eb89.preview.jpg
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/4/e1/4e1bcf1f-cd6e-5f0a-90a5-b38158a21100/ 21 KB
21 KB 48ms
48ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/assets/v3/editorial/4/e1/4e1bcf1f-cd6e-5f0a-90a5-b38158a21100/6690bc0a8eb89.preview.jpg?crop=1764%2C992%2C0%2C90&resize=400%2C225&order=crop%2Cresize

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c78e90d7fbf3de45ee943559d21b59198773675a0a1bfaaefac4baf833ef05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=22654, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 21432
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 05:15:55 GMT
server: cloudflare
x-vcache: MISS
etag: "dfbe7e7ec3cb43f582cf52cd24781417"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8a295074ed1cac39-YYZ
expires: Sat, 12 Jul 2025 15:31:32 GMT

GET aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 0
0

POST auction
elb.the-ozone-project.com/openrtb2/ 0
0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame E385 0
0 142ms
48ms Document
text/html 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28620
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 11:54:02 GMT
expires: Sat, 13 Jul 2024 12:44:02 GMT
last-modified: Mon, 08 Jul 2024 19:45:39 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 134ms
50ms Script
text/javascript 74.119.117.4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 12:35:41 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 340ms
34ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de12b9657e65335caf68ac463c3525f83bb3f6fb55d44204adc23085363f60d4

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 21:09:41 GMT
server: cloudflare
age: 399717
etag: W/"668c5595-4429"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8a295077ce795467-YYZ
expires: Tue, 16 Jul 2024 12:35:41 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 1112ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 12:31:57 GMT
content-encoding: gzip
age: 345825
x-guploader-uploadid: ACJd0NpxAi1RKxd7DTUq2ae6XGYvmdZR-J7ZOdAweofx2-5IBMgY2eUy8QLXg08oGj4IHs9wabs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 09 Jul 2025 12:31:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 41 KB
12 KB 173ms
39ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae897e4b61f8f34bd4e9b4f01f8a23ff37e87316542a72b6e1096ae48e653596

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 18:45:07 GMT
content-encoding: gzip
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 18:17:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 64235
x-amz-server-side-encryption: AES256
etag: W/"aec3aba6ab802c8f463ab64a2ec8a62a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 3bWSEHsYT9Bh4GtgsPD1LPB2o8Tu0gY8p8Dn2CeEk1thB_JCBr0FwA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
16 KB 146ms
145ms Fetch
text/plain 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1114093269874396&correlator=2653932773219530&eid=31083340%2C31083342%2C31085217%2C95335606%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407090101&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&iu_parts=8438%2Cheraldcourier.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1%7C8x1&ifi=1&didk=2287489771&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720874141094&lmt=1720873172&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1138218325.1720874141&ga_sid=1720874141&ga_hid=1897129997&ga_fc=false&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGQxODY1ZmY1LWM0ZjEtNDMxNC05ODkzLWEzN2Y5M2Y5NDg3NlgBEhwKDWNyd2RjbnRybC5uZXQYmove4IoySABSAghkEhsKDDMzYWNyb3NzLmNvbRiai97gijJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymove4IoySABSAghkEhQKBW9wZW54GJqL3uCKMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720874138855&idt=2099&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D4%26lee_hours%3D12%26lee_day%3D6&cust_params=k%3Dbreaking%2520news%252Cweather%252Ccrime%252Cpolitics%252Centertainment%252Clifestyles%252Csports%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=3432733977&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

700c8235489a75e48acf3e5f6d1ff5d6af1928db0722fcf96bdee5fa986e5fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16724
x-xss-protection: 0
google-lineitem-id: 6742913270
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138480806663
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 138ms
137ms Fetch
text/plain 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1114093269874396&correlator=1834740113484195&eid=31083340%2C31083342%2C31085217%2C95335606%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407090101&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&iu_parts=8438%2Cheraldcourier.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=3978860786&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720874141105&lmt=1720873172&adxs=800&adys=1&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1138218325.1720874141&ga_sid=1720874141&ga_hid=1897129997&ga_fc=false&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGQxODY1ZmY1LWM0ZjEtNDMxNC05ODkzLWEzN2Y5M2Y5NDg3NlgBEhwKDWNyd2RjbnRybC5uZXQYmove4IoySABSAghkEhsKDDMzYWNyb3NzLmNvbRiai97gijJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymove4IoySABSAghkEhQKBW9wZW54GJqL3uCKMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720874138855&idt=2099&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D7%26lee_hours%3D12%26lee_day%3D6&cust_params=k%3Dbreaking%2520news%252Cweather%252Ccrime%252Cpolitics%252Centertainment%252Clifestyles%252Csports%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=626189969&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

586ec898a4756d57bd071ccfc1232a6f478fcdb125dc47068c1295b07674ef8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12293
x-xss-protection: 0
google-lineitem-id: 6456749718
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460066988
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 149ms
148ms Fetch
text/plain 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1114093269874396&correlator=1366045286596123&eid=31083340%2C31083342%2C31085217%2C95335606%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407090101&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&iu_parts=8438%2Cheraldcourier.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=3x1&ifi=3&didk=4148407427&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720874141108&lmt=1720873172&adxs=1155&adys=1054&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2F&vis=1&psz=325x1&msz=325x1&fws=4&ohw=1600&ga_vid=1138218325.1720874141&ga_sid=1720874141&ga_hid=1897129997&ga_fc=false&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGQxODY1ZmY1LWM0ZjEtNDMxNC05ODkzLWEzN2Y5M2Y5NDg3NlgBEhwKDWNyd2RjbnRybC5uZXQYmove4IoySABSAghkEhsKDDMzYWNyb3NzLmNvbRiai97gijJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymove4IoySABSAghkEhQKBW9wZW54GJqL3uCKMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720874138855&idt=2099&prev_scp=pos%3Dnative_ad_grid_v3%2Catf%2C50%26density%3Dstandard%26lee_group%3D8%26lee_hours%3D12%26lee_day%3D6&cust_params=k%3Dbreaking%2520news%252Cweather%252Ccrime%252Cpolitics%252Centertainment%252Clifestyles%252Csports%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=3133586711&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

1f9f908f59f200c501112c39f0d97c7054013a9f0fa65cb4819cad9a0c2996b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12968
x-xss-protection: 0
google-lineitem-id: 6059470473
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138397768800
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 775 B
349 B 132ms
131ms Fetch
text/plain 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1114093269874396&correlator=4252737981285100&eid=31083340%2C31083342%2C31085217%2C95335606%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407090101&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&iu_parts=8438%2Cheraldcourier.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=7x1&ifi=4&didk=2078956885&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720874141111&lmt=1720873172&adxs=120&adys=1740&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2F&vis=1&psz=1360x1&msz=1360x1&fws=4&ohw=1600&ga_vid=1138218325.1720874141&ga_sid=1720874141&ga_hid=1897129997&ga_fc=false&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGQxODY1ZmY1LWM0ZjEtNDMxNC05ODkzLWEzN2Y5M2Y5NDg3NlgBEhwKDWNyd2RjbnRybC5uZXQYmove4IoySABSAghkEhsKDDMzYWNyb3NzLmNvbRiai97gijJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymove4IoySABSAghkEhQKBW9wZW54GJqL3uCKMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720874138855&idt=2099&prev_scp=pos%3Dsponsor-banner-impact%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D5%26lee_hours%3D12%26lee_day%3D6&cust_params=k%3Dbreaking%2520news%252Cweather%252Ccrime%252Cpolitics%252Centertainment%252Clifestyles%252Csports%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=1077773998&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

77bc87880056d395d610a69b8305f7f98288802b0fd1bf7fd31bedfba8f153ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 319
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 775 B
355 B 134ms
133ms Fetch
text/plain 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1114093269874396&correlator=4145201079636345&eid=31083340%2C31083342%2C31085217%2C95335606%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407090101&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&iu_parts=8438%2Cheraldcourier.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&ifi=5&didk=2851316612&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720874141114&lmt=1720873172&adxs=798&adys=6445&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1138218325.1720874141&ga_sid=1720874141&ga_hid=1897129997&ga_fc=false&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGQxODY1ZmY1LWM0ZjEtNDMxNC05ODkzLWEzN2Y5M2Y5NDg3NlgBEhwKDWNyd2RjbnRybC5uZXQYmove4IoySABSAghkEhsKDDMzYWNyb3NzLmNvbRiai97gijJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymove4IoySABSAghkEhQKBW9wZW54GJqL3uCKMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720874138855&idt=2099&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D12%26lee_day%3D6&cust_params=k%3Dbreaking%2520news%252Cweather%252Ccrime%252Cpolitics%252Centertainment%252Clifestyles%252Csports%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=2681755583&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

a13d9be17a2bfaa9d8e59c267a68d52c152ff9c17e141817732fa27ba43cb450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B30F 0
0 1695ms
50ms Document
text/html 209.85.201.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 12:35:42 GMT
expires: Sat, 13 Jul 2024 12:35:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 07b128f2-2623-49dc-bbca-697db1e48f83
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/07b128f2-2623-49dc-bbca-697db1e48f83
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a5e957e1-ee8d-41e5-8022-6019ce2916cc
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/a5e957e1-ee8d-41e5-8022-6019ce2916cc
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 400ms
48ms Script
text/javascript 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jul 2024 10:58:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5819
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Jul 2024 12:58:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 283 KB
81 KB 53ms
51ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3dc40c1884d5c7ff9d40c64f5c2a67fea3e10a03b45f64def8a58499af2eb838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82545
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 12:35:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
72 KB 58ms
57ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

78520ce342da52a78713cdd653eee0638c424ffd9d8e8d5c45916401c1005bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73280
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 12:35:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
101 KB 67ms
67ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ca074d59bfdeafce2bdd51b10da9151c68abe71c2caed53d3a250b9086e7015b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jul 2024 12:35:41 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma1527/lee/6/
Redirect Chain

https://js.matheranalytics.com/s/ma1527/725149306/lee/ml.js?cb=1660
https://js.matheranalytics.com/static/ltm/ma1527/lee/6/ml.br.js

152 KB
44 KB

25ms
24ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma1527/lee/6/ml.br.js
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: feddb72b8b28f210f295fb9f9a5e9e29cebb27598c857d7720d08965e1d4e6c0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:26:35 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 28 Jun 2024 19:07:39 GMT
server: nginx
age: 68947
etag: "c29cedddeb678621efee74ffa5a84341"
vary: Accept-Encoding
x-cache: HIT Fri, 28 Jun 2024 19:19:28 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44746

Redirect headers

date: Sat, 13 Jul 2024 12:35:42 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma1527/lee/6/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 4-gc-northeast1c-54231035

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ Frame 8DCA 71 KB
0 42ms
42ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:14:33 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: JFK52-P3
age: 303668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uQmUjZQFMC0CZ56SVpdiSz5koY_KuWHFcX2zQiJFj3lWGUYiZHOMkQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DCA 0
0 419ms
418ms Fetch
image/gif 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaLdYuKfXpGfUX2KLH04gdKdXL02pk3aK0I8q-TiOL5ercilycXbvf4_LDBpV60hllVj2-QyqHXP_UN_eJncKi8_0Jf6J7Y0aEbqAk7WRac62fJVgVd8amAW9KMSe3DFkS1HajVPgiPYhTeslJeR1DSQdOmX_V-SlduSdz-euHbkArznG_K2SYGDdswrKnUnIoItbRkcLIzIyME3_B_I11JjOAlbjdW4F0dGQfD5hGcpqMf5vrcZoL3wnK0ENLvYXhqIUpLKKlju3FkUCS6zeznVmDQkUL45C8zAV0GMTEdYwBzkq4jJHYsY2-jA66XaNnA41d-MOXKVONy8flSOD5lNpWzEZo_6phxNVYVH1HBzrj&sai=AMfl-YRMFA3EqhSitZEWT1_VhoJYxJekt0ebIuVnP-GW0V2-k4kOl3Y3bZuTRPC383m99WRXrAsPx0Mqv734nIqRK0AY9aHxCT8mRyMDhR_hIxEXICXY9pDY8h0EDq7Vv51agg5eq9nglXO-nCYJT_G0D1M&sig=Cg0ArKJSzNO0dFpywPgjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:41 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 101ms
40ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83a1764bd6972445902cd9bb3378a8afb9300f90ee424a9c7a58ae6bb49876a

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 10:23:57 GMT
server: cloudflare
age: 7882
etag: W/"10f0-61cf6291f4d0d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8a2950792c085491-YYZ
expires: Sat, 13 Jul 2024 11:24:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8DCA 204 KB
63 KB 127ms
43ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 13:15:15 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je4790v893785645za200zb6749731&_p=1720874140074&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ecid=1707540201&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=1&sid=1720874141&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2F&dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&en=ad_impression&ep.domain=heraldcourier.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=homepage&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&ep.query_id=COrmjt-DpIcDFUL1lAkdVccPAw&up.user_status=anonymous&up.user_subscription=No&up.user_ppid=&up.user_uuid=false&up.user_subscription_date=false&tfd=3437&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 51ms
51ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je4790v893785645z86749731za200zb6749731&_p=1720874140074&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ecid=1707540201&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1720874141&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2F&dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&en=page_view&_fv=1&_ss=2&ep.domain=heraldcourier.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=homepage&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&tfd=3438&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ Frame C3D0 71 KB
0 42ms
42ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:14:33 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: JFK52-P3
age: 303668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uQmUjZQFMC0CZ56SVpdiSz5koY_KuWHFcX2zQiJFj3lWGUYiZHOMkQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3D0 0
0 264ms
263ms Fetch
image/gif 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUkbuCP-zZpCnlCY7qHFbNBIhPuoJ5MaCPKSYjxRb8DOKPaDzf4uFvMCQgu4WvXtqhrHl_PI04L4bUWNFfDDE2cgWKEyqgyAT01BTSkCFVJanQmFvx-OZxprHas0Q6qbHytOS1UEGMoMbIY1UlWsFa0VPKUPQ8O-G5KNFh1Glx_2VSZXCgoYph5tN_CbaV5gK2Lr1NSJZcm0BNk79WiMa5h5kTD2Y-4aZMNjngHNI0oKBQ4KMl52ZzQ66y10oYmKfmJBH-PYsX2AbNMgmI_W7Pxpj5UoGpDcfWhvx0BuGkmUpo4pMPfekSLf_ITMUTW2izwD-amnCju3meZdHfe9HCMufuQXIlbZUVWLGFF4On5zkcnUdOWQ&sai=AMfl-YRnASP-sB01pmcDshGFY8wuKqKzS7bs3lsaX0I1kRhIaAfQ9S0plltkxr19V574ctc1jGkdH2ENY2r556X_f0m_ukoNGNWGVenZOJpGr1fOX6gvf7H7kue9HID6NknhGZV64ScDeXEKq6ScHw5faEGF&sig=Cg0ArKJSzPE34BWwvoL0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:41 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 64ms
33ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 188420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kubDzSK9YlVnGfypL9Nyebcrt%2BLbVGEVcq6QOxWle%2Bit%2BpASkEv%2FRada8m8yVHbqpmIm%2FTHPvfEV2FOUoE5q7Wa4EP1eckjHIng0iV3eDQjjxqECM%2ByslwMxbZ%2FnmXh1kxVRNa%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a295079fecdab16-YYZ
expires: Thu, 03 Jul 2025 12:35:41 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C3D0 204 KB
0 1ms
1ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 13:15:15 GMT

GET
H2

200

1468822993788261277
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODrlLrJJxABGAEyCLk7K10w3IA-
https://tpc.googlesyndication.com/simgad/1468822993788261277

138 KB
139 KB

46ms
45ms

Image
image/gif

142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1468822993788261277

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

bc8fcab474e0504e70a9f79bad0408bc15bb2404523001b492020d92d882a2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 10:51:13 GMT
date: Thu, 11 Jul 2024 10:51:13 GMT
x-content-type-options: nosniff
age: 179068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141445
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 13:02:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Sat, 13 Jul 2024 11:46:41 GMT
x-content-type-options: nosniff
server: cafe
age: 2940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1468822993788261277
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Aug 2024 11:46:41 GMT

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ Frame 4485 71 KB
0 42ms
42ms Script
application/javascript 18.238.49.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-115.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:14:33 GMT
content-encoding: gzip
via: 1.1 2260f0d6b734b81aaef20a0b1c178318.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: JFK52-P3
age: 303668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uQmUjZQFMC0CZ56SVpdiSz5koY_KuWHFcX2zQiJFj3lWGUYiZHOMkQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4485 0
0 355ms
354ms Fetch
image/gif 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaqz0pRwe2uh71I1axf5srDyLusBIEN5gcZ7Xurd2M_DhygiQaWbXwFdeeP-NYys64aa93hRBsB0POYDKlB4qmnKwvAmAE-2TimqJJd3zHsec0lRKW3YtE7LgrQA6D_nvM4iCBf3em1dl5Rkx3TwJO2HQqN6ETajDDf1Fo5xIFsysQUpv3ynHiDZr6ZSLMc0nbBBqWTtdhl60irhcniOuEDmglxw770KTPNPhuqnC6Lk2rHIURelhZIIl3ykuzSbUyncEBnk5hpld7cgvVjTEViNwUv45P0nA176pdnqHpykODga1qxwWvzKlFYs1FtxGTScqiIaW3wFynCOsgD0Dm-OuVGPaNDBH3f5Z3R7BtB-iB&sai=AMfl-YSY0IRWJH_GioZclNZUKVj5YXM50TB7WZsorqE1il1j-owemj9_eJVJZgvZv8Qy7TO5CIUAZTO2pZPyxwims1omWR57z0oVii2B8oS9PmOci5-Vh20Nwu97_dDePoMvLtaLg2PfUYFJuQAKcpGOU3U&sig=Cg0ArKJSzIV-4UEmfWwUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:42 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ Frame 4485 570 KB
179 KB 279ms
49ms Script
application/x-javascript 23.9.164.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.9.164.171 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-164-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7a075245e7a64b4a1841097d0f9485e0969a2f1124e57518afa2ecb4712cba6e

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 12:35:42 GMT
Content-Encoding: gzip
x-amz-request-id: K23GE0G4183G9YFS
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: EoqNDlP0UksXi0wZ3Q0O1gIVFHFO5WcRtssC6uiB2auNE0C1Pm/7pSgqfM8HkOojDKkPTMpGTeY=
Last-Modified: Tue, 09 Jul 2024 23:23:56 GMT
Server: AmazonS3
ETag: "2f8fbd563a9b6f37409fdcdfab8a4da2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4485 204 KB
0 0ms
0ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 13:15:15 GMT

GET
BLOB 200
OK 4ec9d477-f684-4c24-9552-3a7e0f4d6880
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/4ec9d477-f684-4c24-9552-3a7e0f4d6880
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK c4bb566b-8988-4d7a-a533-c471191cd2e9
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/c4bb566b-8988-4d7a-a533-c471191cd2e9
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 /
heraldcourier.com/tncms/tracking/classifieds/featured/ 0
152 B 36ms
36ms Ping
application/octet-stream 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/tncms/tracking/classifieds/featured/?i=ea8e2cca-eb38-5d18-8fad-d69dc525f0d8,
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
real-hostname: heraldcourier.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
heraldcourier.com/tncms/tracking/business/block/ 0
152 B 38ms
37ms Ping
application/octet-stream 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldcourier.com/tncms/tracking/business/block/?i=b21d5bd9-6e33-5542-a537-47173b5b55e2,b89d53d3-ac79-567d-9a18-ffe3c375f3a9,1d23fd1f-daf9-5fa5-94a0-df14e7bdc421,
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:41 GMT
real-hostname: heraldcourier.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

GET
H2 200 a-058n.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 131ms
40ms Script
application/javascript 108.138.85.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-058n.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-76.iad12.r.cloudfront.net
Software: /
Resource Hash: 6de74510362de0baa1fd76663443be0c3390ae06b591d5259942f17e2045c848

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 01:06:01 GMT
content-encoding: gzip
via: 1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
age: 41380
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: 0yfAI0MjZKt7wdDZ__96nhWxQQ9rkCNWhiBHM9Mn9nuq1TekKLHWvg==

GET
H2 200 3266 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
808 B 168ms
43ms Script
application/javascript 18.160.10.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3266
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-80.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 38c7823ee1bf6034b7896c1bf6d6ae608dbbc1ce3f4106fa9ae23cc0ef3e32f6

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:06:26 GMT
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P3
age: 1756
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: 51zFjrWRit6AmfHFVNB8Fx6VbXb8vxXbFFPC8dfXpIY73kuO0PK7TA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 44ms
43ms XHR
application/json 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fheraldcourier.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: Server /
Resource Hash: 969049d73c12a09bb9a6091e27184db02517e3b3839a41f7ef20a7d75b796372

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 10:50:04 GMT
via: 1.1 fbc610cefe909c4febc0d681ddbb9a44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P2
age: 6336
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3093
x-amz-cf-id: 0XYuAvjzBovyNPepR_QYW4SooA6CVIRcwg9XWeUfMjfltmkb_I96mA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3D0 0
0 516ms
418ms Fetch
image/gif 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3l-5CEvYhNllzXG_yFiKJ1Aotz2GrRBbvbHP40D7JSc0kdORHVBYbNGE9kynYTt5nG2JirlVAdac9W-_t6tkwprnRNaed9Io3JphJoBDrjlQzI3fTj3xd0CJ4vZ4To0DzTZJj4vRbwmzMtn5t8ppShfSYzwU3OVoZjbxu-ZSFkR03gXfnQ2lr3pMPAbK4xCBJ9ENfd8qb0IiTga7hiQpYsu5Vs_JZTgBQzhCTPJoSPU_uoqmRl8oVBkecpef6DlOcaUQvEN9MPRT9NXz0h08CLWDyww2Y_E4UTwwpCHvdtAOS2oW_rjfDBqNA3qL_RW7ccnEcZ0K080W3-GSc1LUgQKHc51H2-bE5hB47INnvoat7yg0c-MjZ&sai=AMfl-YQtuK3RLeMkohNSARQaC6vSv0lVujV4hUdR_Gu9XA9P3mU8CsKPxG7R9lyuTKGvPIbYz87gHz7p_fNPcoUxvRBko5DpKfYWDO8xjqTStLZppKrcoqRUXKMzS_Q_yg-yMm69rtjYHHIhfcT-sXvAqD44&sig=Cg0ArKJSzAVa8963xzU6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:42 GMT

GET
DATA 200
OK truncated
/ Frame 8DCA 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c47049296e192324cb54b6d01589e84904f9b8cb203dee65604d094a6b4545

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DCA 0
0 493ms
419ms Fetch
image/gif 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuV4wY-bmnX6Zw3E0SyL6MryYvlwAnAJjL_ec4T8egKKRRQrwS0OD2ffDEcvdxjYbYKyvSiiplm4xSHupewuHVtR8DRQoZ6HJp03Mj2-GyRHNXcNwodkgHBvJtN5Mj54xy4iDkUDENhzjBM-p528cX39eT746PIy4ZSNrmEyYVCRTCpRhoHCGs1yKB-aScP-g54V3I5jtmoENQ2WUEbCXL1vWDluwZGEMBqpist-gxo9ScsKECExv-QxsWSodrnT2z1cpvIz3vZf6aEXST-tmcAQug4yMrIBIR4EmK8vtzYUqpDH1J8eRrhd9-xWHeCng-S8G8vzkvey2vwtNoaqqsp3vsB0r9mxN-M41tTHLeaqKZibQ&sai=AMfl-YQ6oZjriKMu-FqM8X1-PC8_wNK1tWxSnzAREZS_M8CGc549VC0W-I0J1GRLIL21Fqe0lX0NaADqIOtpATl2ClP1TyWlt0ZkGWpCxAu0V-nfuX_cUwalGrvKbLdKcMMToTzYVCDdjH_6lee44E10eQM&sig=Cg0ArKJSzMZ_3_h0tQoCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:42 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 293 B
629 B 16060ms
512ms XHR
text/javascript 18.238.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fheraldcourier.com%2F&pid=sUGnFsISS6vBq&cb=0&ws=1600x1200&v=24.620.1905&t=2000&slots=%5B%7B%22sd%22%3A%22breakout_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Fheraldcourier.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBACOe%7ECQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA%7EBQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA%7E1---&gpp_sid=%5B5%5D&sm=be1dbb6e-7f8b-414d-9110-b49edda106fe&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.58.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-58-231.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: 0073bcbaed2733c7d61767d883b20559622bc8063219d1b70adcd6dd4dcf40fe

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:57 GMT
via: 1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 293
x-amz-cf-id: 0e3WD9s4ilwmU1gaTUa2OMtHKJy9x55ZXohOl9k7wRyVwLtEyrmH7A==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
534 B 138ms
50ms XHR
application/json 18.206.4.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.4.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-4-140.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 950057446e1d102583e43f28b964079f256fadd96fba877ef6c1e36f21a4b635

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache
x-server: 10.40.9.158
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 brig.umd.min.App.js Show response
36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/ 228 KB
50 KB 46ms
46ms Script
application/javascript 13.32.151.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/brig.umd.min.App.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-80.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4eca3e5e1219540cb6a37d795dace8f26164cee214b3da3f11f2ac8897d11db1

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: B5LxpVTirjRF6aZyBBWEipvzFUyoXjUp
content-encoding: gzip
via: 1.1 7bab52277d6272f1dda6e20e26aba08e.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 12:34:45 GMT
last-modified: Fri, 12 Jul 2024 20:14:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 93
x-amz-server-side-encryption: AES256
etag: W/"d3a400a40f4975b74f78ae274139689f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=600
x-amz-cf-id: u9qg7vZsd26M5p3wY_kUsZ2aYxy2BQjUHXVlQo1CFaJz_XZ755pRAQ==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 15789ms
264ms XHR
application/json 209.85.201.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f101.1e100.net

Software

ESF /

Resource Hash

ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 12:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1936.002-3.034/ 189 KB
59 KB 41ms
40ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d5b4430af3a2762bd52b10babc5e255f43bfd695f2dceb6afa37553be8c08f

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 11:44:14 GMT
server: cloudflare
age: 1251
etag: W/"2f3cd-61a0ef81564c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a29507c1d4e5491-YYZ
expires: Mon, 12 Aug 2024 12:14:51 GMT

GET
BLOB 200
OK cbf71337-0031-4996-8937-68d4c50b42f4
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/cbf71337-0031-4996-8937-68d4c50b42f4
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 67592c27-e313-412d-9aa6-d0b19b59358e
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/67592c27-e313-412d-9aa6-d0b19b59358e
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3D0 0
0 183ms
99ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCA 0
0 425ms
245ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 15798ms
77ms Script
application/javascript 23.204.206.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.206.35 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-206-35.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:57 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 13 Jul 2024 12:50:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 41 KB
12 KB 41ms
40ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d621ece174f701a9bb80e8a4db61772f79e70d59a25287cd9a63b465beb6d3a

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 09:41:09 GMT
content-encoding: gzip
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 18:17:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 10474
x-amz-server-side-encryption: AES256
etag: W/"ba8d0ff42c9c25a1add6ec7e064ff56f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: m5OiRfCY5eor2U2GLZ8cEBYnujoWRMv0wZiuK1Q4JLSY4_2ShYc30w==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 31ms
30ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c2df4698fc3e1ce03843c7e9e9b3ead8c59f9c7ef2f44308ab561210f5033c

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 21:09:36 GMT
server: cloudflare
age: 399718
etag: W/"668c5590-4089"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8a29507c58ab5467-YYZ
expires: Tue, 16 Jul 2024 12:35:42 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 667ms
34ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fheraldcourier.com%2F&ref=&_it=amazon&partner_id=663
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 1720
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8a2950806e23ac5a-YYZ
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 94 KB
28 KB 1123ms
34ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:15:00 GMT
server: cloudflare
x-amz-request-id: TYG6HYXX38Y338EE
age: 2422
etag: W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8a2950834fa4ab54-YYZ
x-amz-id-2: FERTTiNLpePIRQX7rFB+OiYKnr4l6eikicfQZPkSFOng2OEpVllm7XXzG8W3iLU8juXvwPb7duE=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
98 KB 53ms
53ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

617a958b6e0e77c84dd1bc1eace5ce12994246e0df3a9e4df6df1702b5284d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jul 2024 12:35:42 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 103 KB
28 KB 3259ms
87ms Script
text/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c58d825e642307da8aad2562a7a39a8103fa06f97141c6f1b5b57154b128949

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Y_TBOidUsNhh8GPIkoFTWhrjyJzqHpod
content-encoding: br
via: 1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 12:34:55 GMT
x-amz-cf-pop: IAD79-C3
age: 50
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 31 May 2024 21:16:49 GMT
server: AmazonS3
etag: W/"db16dc6c043a013a784479e047f05f1b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 5npMuMZdVJuAsTcB2TXj-s_ckRg4QBFuhi0f85zFNYRSWq8CUfknLA==

GET
DATA 200
OK truncated
/ Frame 4485 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa05f83a6ff3de2d1a105f48eb1ea7e3d93d39d05ba429adf035e3a727911c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4485 0
0 402ms
114ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame D0D9 0
0 3262ms
77ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=heraldcourier.com&gdpr=0&gdpr_consent=&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 12:35:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 303811
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 469ms
41ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 12:35:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1316, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: GihlHCvSlj7MLvaaSBiR0fMQCBVcE9pR4j7AwllVlBdPYjd7lrpjaupnExCGe/JddfQKSiyOfLtrmCI06KXwrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 manage
router.infolinks.com/usync/ Frame 5E68 0
0 107ms
56ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8a29508098c736c9-YYZ
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sat, 13 Jul 2024 12:35:42 GMT
p3p: CP="NON DSP NID OUR COR"
server: cloudflare
via: 1.1 google

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 43 B
291 B 106ms
49ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001gtmPFAAY&src=aps&ver=1.12.2&us_privacy=1---&gpp=DBACOe%7ECQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA%7EBQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA%7E1---&gpp_sid=5
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 29bd1f79ce6a664ac35bc5718e0852d02e0f6b54d9bb4a0794ace753c0387bcf

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Jul 2024 12:35:42 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://heraldcourier.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 topics.html
postrelease.com/iframes/ Frame D654 0
0 4845ms
205ms Document
text/html 52.36.224.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Sat, 13 Jul 2024 12:35:47 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: AuaumHx00LMPRE6WnLq1bgeTD4JcInqyc69cwlR5lUOTbU0ZswSysLP7MSlLD/t6dTkJMjJO74o=
x-amz-request-id: 2DQM4DW0Q0A7ETFE
x-amz-server-side-encryption: AES256

GET display.js
jadserve.postrelease.com/ Frame 4485 0
0

GET esp
oajs.openx.net/ 0
0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/heraldcourier.com/ 67 KB
25 KB 137ms
42ms Script
application/javascript 52.85.131.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/heraldcourier.com/p.js?gtm_ver=3.1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.131.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-131-58.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 24e5027613909b1dad1aec2026851f9c6054c205dd747fa5e36cfb4e5052c2e9

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 13 Jul 2024 08:29:06 GMT
content-encoding: gzip
via: 1.1 1bf457d3d7fed552451c3ab5896fde02.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 13:46:23 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 14796
etag: W/"6613f52f-10a8a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: obXpP1QIEiBQXbflfkjv1JXsT0dI3dpRrEu2phXF--s0uJ2y2DMPIQ==
expires: Sun, 14 Jul 2024 08:29:06 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f...
https://rp.liadm.com/j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f...

50 B
399 B

44ms
44ms

XHR
application/json

44.210.250.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f93f94876&us_privacy=1---&wpn=lc-bundle&gdpr=0&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&cd=.heraldcourier.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgdGhlIGxhdGVzdCBCcmlzdG9sLCBWQSBuZXdzLiBHZXQgdGhlIGxhdGVzdCBvbiBldmVudHMsIHNwb3J0cywgd2VhdGhlciwgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlcyBhbmQgbW9yZS4iPjx0aXRsZT5CcmlzdG9sIEhlcmFsZCBDb3VyaWVyIHwgQnJlYWtpbmcgTmV3cyB8IFJlYWQgQnJpc3RvbCwgVkEgYW5kIFZpcmdpbmlhIGJyZWFraW5nIG5ld3MuIEdldCBsYXRlc3QgbmV3cywgZXZlbnRzIGFuZCBpbmZvcm1hdGlvbiBvbiBWaXJnaW5pYSBzcG9ydHMsIHdlYXRoZXIsIGVudGVydGFpbm1lbnQgYW5kIGxpZmVzdHlsZXM8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tLyI-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTEiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0yIj5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTMiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS00Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTUiPlZpZGVvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtNiI-VmlkZW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS03Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTgiPkF1ZGlvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtOSI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMCI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMSI-QXVkaW88L3RpdGxlPg&n3pc=true
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Server: 44.210.250.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-250-205.compute-1.amazonaws.com
Software: /
Resource Hash: bf8a676a7f02c526c2946d58540257c34ef4a32ccd46787e08a031073b4ff642

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:44 GMT
x-pixel-event-id: 7d409cc2-7ecf-452f-b107-9f59015852b5
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://heraldcourier.com
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 50

Redirect headers

location: /j?dtstmp=1720874142866&aid=a-058n&se=e30&duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&tv=v2.14.3&pu=https%3A%2F%2Fheraldcourier.com%2F&ext__pubcid=d1865ff5-c4f1-4314-9893-a37f93f94876&us_privacy=1---&wpn=lc-bundle&gdpr=0&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&cd=.heraldcourier.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgdGhlIGxhdGVzdCBCcmlzdG9sLCBWQSBuZXdzLiBHZXQgdGhlIGxhdGVzdCBvbiBldmVudHMsIHNwb3J0cywgd2VhdGhlciwgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlcyBhbmQgbW9yZS4iPjx0aXRsZT5CcmlzdG9sIEhlcmFsZCBDb3VyaWVyIHwgQnJlYWtpbmcgTmV3cyB8IFJlYWQgQnJpc3RvbCwgVkEgYW5kIFZpcmdpbmlhIGJyZWFraW5nIG5ld3MuIEdldCBsYXRlc3QgbmV3cywgZXZlbnRzIGFuZCBpbmZvcm1hdGlvbiBvbiBWaXJnaW5pYSBzcG9ydHMsIHdlYXRoZXIsIGVudGVydGFpbm1lbnQgYW5kIGxpZmVzdHlsZXM8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tLyI-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTEiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0yIj5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTMiPkNvbGxlY3Rpb248L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS00Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTUiPlZpZGVvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtNiI-VmlkZW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS03Ij5WaWRlbzwvdGl0bGU-PHRpdGxlIGlkPSJ0bnQtc3ZnLXRpdGxlLTgiPkF1ZGlvPC90aXRsZT48dGl0bGUgaWQ9InRudC1zdmctdGl0bGUtOSI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMCI-QXVkaW88L3RpdGxlPjx0aXRsZSBpZD0idG50LXN2Zy10aXRsZS0xMSI-QXVkaW88L3RpdGxlPg&n3pc=true
access-control-allow-origin: https://heraldcourier.com
date: Sat, 13 Jul 2024 12:35:44 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
BLOB 200
OK eb649143-c550-4515-b903-7a2f52b97386
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/eb649143-c550-4515-b903-7a2f52b97386
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a4557410-94fd-47bc-ae39-bee420de7369
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/a4557410-94fd-47bc-ae39-bee420de7369
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
conduit.redfast.com/ping/ 2 KB
1 KB 224ms
125ms Fetch
application/json 108.138.85.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://conduit.redfast.com/ping/?device_type=web&counter=0&chrome_ext=false&

Requested by

Host: 36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com
URL: https://36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-19.iad12.r.cloudfront.net

Software

Resource Hash

02b093ff331be8186a34ae0a2436d77c55fe11695eb85febe54e23f8d7eb8641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
x-xss-protection: 0
x-request-id: 872852a1-ddc5-421a-86a1-4e0ff15faa4f
x-runtime: 0.017652
rf-endpoint: CF
referrer-policy: strict-origin-when-cross-origin
etag: W/"02b093ff331be8186a34ae0a2436d77c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: RF-ENDPOINT
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
x-amz-cf-id: iOZ0aONnHCdwqKKAg7RxGsZKL3ud7D244xyJqEIVsdxEG4ihWkxsrw==

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 49ms
49ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4790v887101457z8861227858za200zb861227858&_p=1720874140074&gcs=G111&gcd=13r3r3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=heraldcourier.com%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&dl=https%3A%2F%2Fheraldcourier.com%2F&sid=1720874142&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fheraldcourier.com%2F&epn.townnews_crm_group_id=35&ep.generator=BLOX&ep.generator_version=1.78.3&tfd=4741&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 146 B
295 B 45ms
44ms XHR
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=663&sync=0&domain=heraldcourier.com&url=https://heraldcourier.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fheraldcourier.com%2F&ref=&_it=amazon&partner_id=663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575f40a58bfc080a1634590eea68805a8a05bbc405b715cd2c6ebda46b0d4ef7

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8a295084183fac66-YYZ

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 360ms
46ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=663&sync=0&domain=heraldcourier.com&url=https://heraldcourier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8a295083c804ac66-YYZ
content-length: 0
content-type: application/json
date: Sat, 13 Jul 2024 12:35:43 GMT
debug: OPTIONS block
expires: Sun, 13 Jul 2025 12:35:43 GMT
server: cloudflare

GET
H2 200 961211893969940 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 381ms
380ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/961211893969940?v=2.9.161&r=stable&domain=heraldcourier.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

f4d093172db78fda9c5b40e1315a9438b3d567a57c0310dc53d6553f0559a7f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 12:35:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=64, mss=1316, tbw=64163, tp=-1, tpl=-1, uplat=338, ullat=0
pragma: public
x-fb-debug: 1sk8gtL6SqYacdiWjURXOWCRChm6zK9H/Hw/9fGe9KnieHSVNUgxJjUnhYnKmurSjYGSMZq/8OwizgYCtYSnug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 444ms
42ms Image
image/gif 54.152.53.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&arttype=editorial&cms=townnews%2Fblox&ptype=homepage&pubname=The%20Bristol%20Herald%20Courier&sec=homepage&tv=js-3.0.167&tna=Mather&aid=v1&p=web&tz=America%2FVancouver&tzoff=420&lang=en-CA&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tvcfg=lee&tid=6371f706-3402-4c49-af14-9334f69c3f56&pid=495d2cec-8995-44fa-9907-62591c19d514&dtm=1720874143041&qnm=_matherq&visible=1&tabid=3622194b-978f-4068-a8b9-c800a1dd453d&url=https%3A%2F%2Fheraldcourier.com%2F&vp=1600x1200&ds=1600x6759&tofa=1720874143&vid=1&lvidt=1720874143&duid=3e867d5c-f787-42eb-8b17-8a06ee3417ed&cid=ma1527&mrk=725149306&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcyMDg3NDEzODIwMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI1Ni43MTk4NzNtYiIsImhlYXBUIjoiNzMuMjA3ODc3bWIiLCJmc3RQYWludCI6IjE5NjMiLCJmZXRjaFMiOiI2MDQiLCJkb21haW5TIjoiNjA0IiwiZG9tYWluRSI6IjYwNCIsImNvbm5TIjoiNjA0IiwiY29ubkUiOiI2MDQiLCJyZXF1UyI6IjYwOCIsInJlc3BTIjoiNjQzIiwicmVzcEUiOiI3MTgiLCJkb21Mb2FkIjoiNjU0IiwiZG9tSW50ZXIiOiIyMDkxIiwiZG9tTG9hZFMiOiIyMTEwIiwiZG9tTG9hZEUiOiIyMTEzIn0sImtleXdvcmRzIjpbImJyZWFraW5nIG5ld3MiLCJ3ZWF0aGVyIiwiY3JpbWUiLCJwb2xpdGljcyIsImVudGVydGFpbm1lbnQiLCJsaWZlc3R5bGVzIiwic3BvcnRzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTEzODIxODMyNSIsInJlZlRpbWUiOiIxNzIwODc0MTQzMDQwIn1dfQ
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.53.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-53-162.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sat, 13 Jul 2024 12:35:43 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8DCA 42 B
65 B 101ms
100ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUBAmFBlxT5TRrtaQWLMBBjZKrNJkSqlQ5kv9LP_0TgEaL71STIobmMSijUdnbBaQAcofhMRP_l27NgXKGuOCv1Yl5gXsa_OSPA3K9XKhVxDzW6mCZTsjlnJRSk3mhfLRFGqlGnUca1wGHctyLIxp_m8wKGSWbhvA&sig=Cg0ArKJSzA0FFaCN1mZTEAE&id=lidar2&mcvt=1022&p=1,799,2,800&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=626189969&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1680694100&rst=1720874141410&rpt=581&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=14

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 283 B
318 B 58ms
57ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2F
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d691d2c845b42841483311725f90261e06c8f1d78cbcc8151b661da7569ed52

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript;charset=ISO-8859-1
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 8a29508238415491-YYZ

GET
H2 200 gsd Show response
router.infolinks.com/ 324 B
467 B 59ms
59ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3200774&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2F&jsv=1936.002-3.034&_cb=17208741424000
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbdc74d56b482e8780a6eeab37492e2e10b9eaec6c8d53dc76d6bd42a7a69a2

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 8a29508248475491-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/px/ 43 B
229 B 3504ms
43ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/px/?rand=1720874143082&plid=b78686d3-8109-4785-922c-03e21caaf2fd&idsite=heraldcourier.com&url=https%3A%2F%2Fheraldcourier.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22user_subscription%22%3A%22No%22%2C%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fheraldcourier.com%2F%22%2C%22hash%22%3A1643541504%7D%7D&sid=1&surl=https%3A%2F%2Fheraldcourier.com%2F&sref=&sts=1720874143067&slts=0&title=Bristol+Herald+Courier+%7C+Breaking+News+%7C+Read+Bristol%2C+VA+and+Virginia+breaking+news.+Get+latest+news%2C+events+and+information+on+Virginia+sports%2C+weather%2C+entertainment+and+lifestyles&date=Sat+Jul+13+2024+05%3A35%3A43+GMT-0700+(Pacific+Daylight+Time)&action=pageview&js=1&pvid=46f9d446-edd4-44b7-96c1-ed501079865f&u=pid%3Dd2975bf6-bfa7-4e32-8338-bf608550cbf3
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 12:35:46 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 iqusync-1.31.min.js Show response
resources.infolinks.com/static/usync/ 2 KB
880 B 36ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adedc362a799da2168fec3a6b8ee1d705edbcbebb4d2fbf456af1f575a2ecae

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 11:30:04 GMT
server: cloudflare
age: 914
etag: W/"7ce-61cf7158b5e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a29508298665491-YYZ
expires: Mon, 12 Aug 2024 12:20:29 GMT

POST
H2 200 doq.htm Show response
rt3006.infolinks.com/action/ 4 KB
2 KB 424ms
112ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3006.infolinks.com/action/doq.htm?pcode=utf-8&r=17208741432171
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2f2a255daaa6008dab986e9c2fc346f3b68264df13b0fd579f3344b1740566

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: en-CA
cf-ray: 8a2950852bea3981-YYZ
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iquid-01.js Show response
resources.infolinks.com/static/ 68 KB
14 KB 41ms
40ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/iquid-01.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2024 09:50:03 GMT
server: cloudflare
age: 4059
etag: W/"11007-613231db6db5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a29508338bd5491-YYZ
expires: Mon, 12 Aug 2024 11:28:04 GMT

GET
BLOB 200
OK d69e5068-eed6-435d-92f4-529c3c4be971
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/d69e5068-eed6-435d-92f4-529c3c4be971
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a49488b4-0fdc-42cd-b334-3fcdee2a9bf1
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/a49488b4-0fdc-42cd-b334-3fcdee2a9bf1
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 6b555f30-ebda-4d9f-b295-9305cdf47331
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/6b555f30-ebda-4d9f-b295-9305cdf47331
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
89 B 29ms
29ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c2df4698fc3e1ce03843c7e9e9b3ead8c59f9c7ef2f44308ab561210f5033c

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 21:09:36 GMT
server: cloudflare
age: 399719
etag: W/"668c5590-4089"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8a2950835c085467-YYZ
expires: Tue, 16 Jul 2024 12:35:43 GMT

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 110 B
989 B 1182ms
46ms XHR
text/html 108.139.29.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=166_1720874143274&fbp=2505576691&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-24.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4f1540c5087bae5e01a44549d528455d72437ff29d13e537bca45c65ec213ed0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:44 GMT
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
access-control-max-age: 3600
vary: Origin
content-type: text/html
access-control-allow-origin: https://heraldcourier.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
x-amz-cf-id: C_-C6R3LdWp0V-sHu-SQxCfSJFdr2fAeBFQs17GWGVYhlPFU-v0mqg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrn...
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrn...

43 B
1 KB

55ms
54ms

Image
image/gif

52.85.132.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrnd=110_1720874143275&fbp=2505576691&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=fYzo5BLKrA&nc=false&trid=-1699695500
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: H2
Server: 52.85.132.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-4.iad50.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: NedajM32AgjwSeFHPjHPKLpvA5lbzo7eqErmSBaIANc5v-TfOpc_-g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=928940&iiqidtype=2&iiqpcid=c1b7042a-492a-446e-bb4e-bd24ed7d47c2&iiqpciddate=1720874143274&tsrnd=110_1720874143275&fbp=2505576691&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=fYzo5BLKrA&nc=false&trid=-1699695500
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: lRpE9AL0Sw1Lv1pHCLljq22E6VS1Exq84yVP0I5GHd3rF41DFd55rg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 did-004d.min.js Show response
d-code.liadm.com/ 98 KB
35 KB 3526ms
86ms Script
application/javascript 13.32.208.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d-code.liadm.com/did-004d.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-13.iad66.r.cloudfront.net
Software: /
Resource Hash: ec516dc31a72ec6f2d2e01d6a4e5e38d0aa7e6d4e687deaec53e772089a022cf

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 07:05:37 GMT
content-encoding: gzip
via: 1.1 6ff4697c5089876d94430beacc9a4d5e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C1
age: 19809
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: cJWs5Nfd8TkkCNV4lMnN_OO2Ib1aE7qQ1QS-IW7KwLFiSmuZKxmmhw==

GET
H2 200 id5.js Show response
resources.infolinks.com/static/ 58 KB
17 KB 38ms
37ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/id5.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Mar 2023 15:25:02 GMT
server: cloudflare
age: 5974
etag: W/"e65f-5f7cf3aed6f0f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a295083a8ec5491-YYZ
expires: Mon, 12 Aug 2024 10:56:09 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 43 B
96 B 48ms
48ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.12.2&us_privacy=1---&gpp=DBACOe%7ECQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA%7EBQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA%7E1---&gpp_sid=5
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 29bd1f79ce6a664ac35bc5718e0852d02e0f6b54d9bb4a0794ace753c0387bcf

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://heraldcourier.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 1386ms
41ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=961211893969940&ev=PageView&dl=https%3A%2F%2Fheraldcourier.com%2F&rl=&if=false&ts=1720874143422&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720874143415.896832726107041185&cs_est=true&ler=empty&cdl=API_unavailable&it=1720874143017&coo=false&rqm=GET

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1316, tbw=2809, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 12:35:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 1448ms
103ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=961211893969940&ev=PageView&dl=https%3A%2F%2Fheraldcourier.com%2F&rl=&if=false&ts=1720874143422&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720874143415.896832726107041185&cs_est=true&ler=empty&cdl=API_unavailable&it=1720874143017&coo=false&rqm=FGET

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4d08f67a8e82401f","source_keys":["1","2"]},{"key_piece":"0xaf37aa71ab5510f7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 12:35:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391098169608422493", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1316, tbw=3159, tp=-1, tpl=-1, uplat=62, ullat=0
pragma: no-cache
x-fb-debug: MctgfecsS3Y04sUth+9mi+c4sRy4BqzA9QuFfttLBS6yZ5VW65K5XSRGxf2v0segvPthIIC28LX0ZKz27qS0Ug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391098169608422493"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 1386ms
42ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fheraldcourier.com%2F&rl=&if=false&ts=1720874143426&cd[custom_param]=heraldcourier.com&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=4126&fbp=fb.1.1720874143415.896832726107041185&ler=empty&cdl=API_unavailable&it=1720874143017&coo=false&rqm=GET

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1316, tbw=2809, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 12:35:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 1407ms
126ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fheraldcourier.com%2F&rl=&if=false&ts=1720874143426&cd[custom_param]=heraldcourier.com&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=4126&fbp=fb.1.1720874143415.896832726107041185&ler=empty&cdl=API_unavailable&it=1720874143017&coo=false&rqm=FGET

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x346ce140d94f56b7","source_keys":["1","2"]},{"key_piece":"0x2a5dd6ecbb9a016f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 12:35:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391098170931041288", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1316, tbw=6867, tp=-1, tpl=-1, uplat=86, ullat=0
pragma: no-cache
x-fb-debug: 4rj4ndGl2ryuMoWiawMm65NF549iNx3OFHCcNDkIQq8zIZmkZeFaxjNksMU4PNeVDKVE38XbLeFaam0m3RzHog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391098170931041288"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 415 KB
143 KB 604ms
50ms Script
text/javascript 173.194.66.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f95.1e100.net

Software

sffe /

Resource Hash

936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145330
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:44 GMT

GET
H2 200 container-4.0.html
resources.infolinks.com/static/ Frame CFE2 0
0 37ms
35ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-4.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 1442
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 8a2950863c0c36c9-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 Jul 2024 12:35:43 GMT
expires: Mon, 12 Aug 2024 12:11:41 GMT
last-modified: Mon, 18 Dec 2023 15:25:02 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
BLOB 200
OK 2e8ab3d0-30ad-4cc3-b0c2-c6b475a3520e
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/2e8ab3d0-30ad-4cc3-b0c2-c6b475a3520e
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ad0bfc1a-215b-4dca-a48a-d48817561413
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/ad0bfc1a-215b-4dca-a48a-d48817561413
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1936.002-3.034/ 234 KB
36 KB 47ms
46ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1936.002-3.034/in_search.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b46bc1cdac4ab275468dbc876d0db1df58cb4c8e017b6c9bf30fc935e87a846

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 11:44:14 GMT
server: cloudflare
age: 850
etag: W/"3a86d-61a0ef81560dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a2950868a6e5491-YYZ
expires: Mon, 12 Aug 2024 12:21:33 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1936.002-3.034/ 156 KB
30 KB 40ms
38ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1936.002-3.034/bubble.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 11:44:14 GMT
server: cloudflare
age: 282
etag: W/"2702f-61a0ef8155cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a2950869a7b5491-YYZ
expires: Mon, 12 Aug 2024 12:31:01 GMT

GET
BLOB 200
OK fbc6c621-fc47-4bb8-86fc-a23f1ef619f9
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/fbc6c621-fc47-4bb8-86fc-a23f1ef619f9
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 getads.htm Show response
rt3006.infolinks.com/action/ 9 KB
6 KB 1516ms
1515ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3006.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22breaking%20news%22%2C%22scs%22%3A%22Sp1DDQvQzs%22%7D%5D&rid=a3f4a3b4-343a-47b5-93ff-2754032ab09e&jsv=1936.002-3.034&sr=1600X1200&rts=1720874143809&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=126.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fheraldcourier.com%2F&tzo=-0700&c=c&strg=true&pitc=11~FlT6yAikPbfqup6LnPt5qzZukyHuDFyh&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=i4OvRCBcSWasGuWXyPbE9DSEMi1eSh629-vzZNAyw29xgrheGXc5RyzdminIA61e8CD4rnyYOuShKp_J_Rg1fg0lZPedZ4jU6dp4X41z_iIKsw5X6KrLttIk7EsvU4wXxGfyoWwwpI6KhogxwPvzH54ClDDsso6u&rsk=60&rcs=hbo3QKku07x9U1nfKsfUHg&cuid=c73ec044-f927-4153-baab-926897a09c1b&hbnr=false
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4637e05cc2229f04cc819a0b12e4199db3657a3f58e5de140260b9739b65b75c

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: en-CA
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8a2950873ad85491-YYZ
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 18 KB
9 KB 507ms
506ms Fetch
application/json 172.64.144.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid8.39.0.js?_dc=1718863205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e15b8abb8987dc07700ca9e9f4644e22ce6b9da119a848049edafbfe5b1f7d

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8a29508a0dd6abe2-YYZ
expires: 0

GET
H/1.1 200
OK a-058n
i.liadm.com/s/c/ Frame A09F 0
0 190ms
55ms Document
text/html 34.232.93.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&euns=0&s=&us_privacy=1---&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&version=v2.14.3&cd=.heraldcourier.com

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.93.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-93-132.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 660
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jul 2024 12:35:44 GMT
Request-Time: 14
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H/1.1 200
OK baker
sli.heraldcourier.com/ 19 B
370 B 464ms
69ms Image
image/gif 23.205.106.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.heraldcourier.com/baker?dtstmp=1720874144410
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.84 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Expires: Sat, 13 Jul 2024 12:35:44 GMT
Pragma: no-cache
Date: Sat, 13 Jul 2024 12:35:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 770 B
215 B 421ms
421ms XHR
application/json 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fheraldcourier.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

cafe /

Resource Hash

d06914f0b847d48ec24666fdd1809ccc50dee7169b29ee7c5122d0b2efe08564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190
x-xss-protection: 0
expires: Sat, 13 Jul 2024 12:35:44 GMT

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/4.1/ 372 KB
99 KB 46ms
45ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/4.1/vidice.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0fd41a302491651608058cdb5be0101ba8c7a5cdd316365227d5e81e9ff354

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:40:04 GMT
server: cloudflare
age: 2603
etag: W/"5d1e7-6101344cba9ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8a29508b6ce05491-YYZ
expires: Mon, 12 Aug 2024 11:52:21 GMT

GET
H2 200 adview.htm Show response
rt3006.infolinks.com/action/ 0
146 B 94ms
94ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3006.infolinks.com/action/adview.htm?rid=a3f4a3b4-343a-47b5-93ff-2754032ab09e&bdc=1&midx=0&emd=MTQ3fjE4MjE&rts=1720874145388&prod_t=d&jsv=1936.002-3.034&skin=sidebar&theme=nologo&sdata=breaking%20news&scs=Sp1DDQvQzs&rsd=i4OvRCBcSWasGuWXyPbE9DSEMi1eSh629-vzZNAyw29xgrheGXc5RyzdminIA61e8CD4rnyYOuShKp_J_Rg1fg0lZPedZ4jU6dp4X41z_iIKsw5X6KrLttIk7EsvU4wXxGfyoWwwpI6KhogxwPvzH54ClDDsso6u&rsk=60&rcs=hbo3QKku07x9U1nfKsfUHg
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8a295090cbf83981-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1346 159 KB
52 KB 124ms
124ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

43a99c9a02c533e7ee2359abb8903d729b6cbed4fff3b2f7fddaa447bd044cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53378
x-xss-protection: 0
server: cafe
etag: 9115429312888016538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 13 Jul 2024 12:35:45 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 10 KB
2 KB 124ms
40ms Fetch
application/json 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf7757eb072d08d857634fe0a4997f9efe4d0c20b614f72858a0d61fe090743c

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: OMBMX.CTyyxMTiHSNr3DUMVjRYfhTR4L
content-encoding: gzip
via: 1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 10:44:05 GMT
x-amz-cf-pop: IAD79-C3
age: 6701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 May 2024 16:41:32 GMT
server: AmazonS3
etag: W/"0074e8875be5983630541f9e8c04547d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: fxYFSsnHmHTiKulFpqQqBcQGF76NpC1b3HmtmPMoGttNgYLJljkGKQ==

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/ Frame 1346 424 KB
143 KB 127ms
126ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

03a9f58b7c5f30ee109f720972e19fdc1929fb52c0b504ccc736849ee1986ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146763
x-xss-protection: 0
server: cafe
etag: 1899994855981110466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 12:35:45 GMT

GET
H2 200 870.bundle.6e2976b75e60ab2b2bf8.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 43ms
42ms Script
application/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.6e2976b75e60ab2b2bf8.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da691c9121865cc84cb038acd5c8cc3b8adcd480c4f1edeaa8bbf8acd532ee0f

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 12:34:50 GMT
x-amz-version-id: JwJ9.0ta_f_qVJIoe4VFff0B7W8IQOvS
content-encoding: br
via: 1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 11923256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 22 Feb 2024 18:59:59 GMT
server: AmazonS3
etag: W/"69ff6d99504e355f116e0d507f3dcf2b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: L0fWv5iPnoSkeRCus7nHEJlWpDL7eRm_hEB9y3RCyc1bAHSfEKsurA==

GET
H2 200 tsub-middleware.bundle.77315eced46c5ae4c052.js Show response
cdn.segment.com/analytics-next/bundles/ 568 B
1 KB 41ms
40ms Script
application/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.77315eced46c5ae4c052.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0857d11fef8be7a02171417365501f07d12e4d0fd4969a8ce43b9adffb7b1158

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 22:26:47 GMT
x-amz-version-id: gqbiQ4JTwmnEtNjrr_67of3zztreXHxd
via: 1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 2038139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 568
last-modified: Sun, 16 Jun 2024 09:48:38 GMT
server: AmazonS3
etag: "2e2a6826c25f4a2f22f0112c0e467584"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: fTNf37V7eFvZ9Cxj9EsIsw7lpfqdND34U9n4rp7PPTKnn814Kr0Zew==

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 43ms
42ms Script
application/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 15:05:27 GMT
x-amz-version-id: 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
content-encoding: br
via: 1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 7680619
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 21:39:45 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: VS-gtYHwE6X9D9Ndm7G1aBhSlcJ41LL_5_9bOLW7AWWWdviNtVsmnQ==

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 42ms
42ms Script
application/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Apr 2024 06:42:44 GMT
x-amz-version-id: 6p7m0DymtVd2iHKfdr7k4GM1yYafy1xS
content-encoding: br
via: 1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 7969982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 03:48:56 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 3BB1vu27w1JPW4hwcSpGshiCOSRbaIjWFWbLM3_nGK1xfT8XjQy1mg==

GET
H2 200 / Show response
heraldcourier.com/tncms/dmp/segment_audiences/ 80 B
651 B 356ms
353ms Fetch
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldcourier.com/tncms/dmp/segment_audiences/?anonymous_id=c4c9dc3f-e908-4a37-a090-dda454d8e329

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://heraldcourier.com/
X-Requested-Feature: geoip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 0
content-length: 85
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 13 Jul 2024 12:35:45 GMT
x-vcache: MISS
etag: W/28534236ca49b37cfe05fe57a05ac4b6
x-frame-options: SAMEORIGIN
vary: Origin, X-Townnews-Now-API-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.78.3; app7; 0.31s; 0.7M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
175 B 1314ms
97ms Fetch
application/json 54.69.251.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-251-6.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://heraldcourier.com
date: Sat, 13 Jul 2024 12:35:47 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame 1397 0
0 135ms
42ms Document
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 66764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:03:02 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:03:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1346 0
20 B 114ms
113ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=d_IL_INSEARCH&cls=IL_BASE%20insearch1&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1346 0
20 B 112ms
111ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=x-reveal-ad&cls=hidden-print&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: heraldcourier.com
URL: https://heraldcourier.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2D46 0
0 426ms
350ms Document
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=3&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751417937&pi=t.ma~as.2794737922&w=728&abgtt=1&rdp=false&format=728x90&url=https%3A%2F%2Fheraldcourier.com%2F&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720874145593&bpp=5&bdt=177&idt=312&shv=r20240709&mjsv=m202407110101&ptt=9&saldr=aa&correlator=8184874838080&frm=23&ife=1&pv=2&ga_vid=351378721.1720874146&ga_sid=1720874146&ga_hid=547870303&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334510%2C95334524%2C95334829%2C31085242%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3217362809498527&tmod=795319980&uas=0&nvt=1&loc=https%3A%2F%2Fheraldcourier.com%2F&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.6fg7szvr32li&fsb=1&dtd=355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 26178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 12:35:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8AA9 0
0 124ms
52ms Document
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=3&gpp=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_sid=5&client=ca-pub-6373315980741255&output=html&adk=1812271804&adf=480832066&abgtt=1&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&rdp=false&format=0x0&url=https%3A%2F%2Fheraldcourier.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~29_11~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720874145593&bpp=2&bdt=178&idt=321&shv=r20240709&mjsv=m202407110101&ptt=9&saldr=aa&prev_fmts=728x90&nras=1&correlator=8184874838080&frm=23&ife=1&pv=1&ga_vid=351378721.1720874146&ga_sid=1720874146&ga_hid=547870303&ga_fc=0&nhd=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334510%2C95334524%2C95334829%2C31085242%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3217362809498527&tmod=795319980&uas=0&nvt=1&fsapi=1&loc=https%3A%2F%2Fheraldcourier.com%2F&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.vdest8x89yd3&fsb=1&dtd=358

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 12:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1346 16 KB
12 KB 110ms
108ms XHR
application/json 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240709&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

f0b393f278e59fd428c7d7048df636230cb5fd29d99cff1cee4439d637e077fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12746
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1346 17 KB
6 KB 45ms
45ms Script
text/javascript 142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407110101/show_ads_impl_fy2021.js?bust=31085242

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jul 2024 12:35:46 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED11 0
0 127ms
43ms Document
text/html 142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 494111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jul 2024 19:20:35 GMT
expires: Mon, 07 Jul 2025 19:20:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9056 0
0 207ms
107ms Document
text/html 172.217.197.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f147.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fGGsQPvfALDzzxdZ9_bMRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fGGsQPvfALDzzxdZ9_bMRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 12:35:46 GMT
expires: Sat, 13 Jul 2024 12:35:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 26fea864-f7bc-4437-ab1d-b4433d6aadc8
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/26fea864-f7bc-4437-ab1d-b4433d6aadc8
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 dcl.htm Show response
rt3006.infolinks.com/action/ 0
62 B 100ms
99ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3006.infolinks.com/action/dcl.htm?rid=a3f4a3b4-343a-47b5-93ff-2754032ab09e&prod_t=d&sdata=breaking%20news&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8a2950978a775491-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 49ms
49ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je4790v893785645za200zb6749731&_p=1720874140074&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ecid=1707540201&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1720874141&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2F&dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&_s=3&tfd=8615&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 any Show response
idx.liadm.com/idex/did-004d/ 460 B
878 B 404ms
46ms XHR
text/plain 34.231.175.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-004d/any?duid=3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf&us_privacy=1---&gdpr=0&did=did-004d&gpp_s=DBACOe~CQBsaMAQBsaMAEXjkAENA0EwAP_gAEPgAAQAI9QOIAFAAaABWAC4AMgAcABAACQAFoAMgAaQA5ADqAHgAfQBEAEYAJIATIAngCgAFIALYAXwAwgBmADQAHiAQIBBACEAEWAI8ASgArYBlAGXANIA0wBzwDuAO8AeIBA4CDgIRASUBJgCngFRAKyAXUAwgBmgDlAIMARqAvMBe4DGQGTAMsAaiA3cBxwDoQH7gR6BBSBIAAsACoAFwAMgAcABAACQAGQANAAcgA8AB9AEQARQAmABPACkAF8AMwAaAA_ACEgGUAZYA54B3AHeAQOAg4CEAEWAKeAXUBeYDJgGWAM-AaqA_cCCgAAA~BQBsaMAQBsaMAEXjkAENA0CgAf_AAIfAAAj1A4gAUABoAFYALgAyABwAEAAJAAWgAyABpADkAOoAeAB9AEQARgAkgBMgCeAKAAUgAtgBfADCAGYANAAeIBAgEEAIQARYAjwBKACtgGUAZcA0gDTAHPAO4A7wB4gEDgIOAhEBJQEmAKeAVEArIBdQDCAGaAOUAgwBGoC8wF7gMZAZMAywBqIDdwHHAOhAfuBHoEFIEgACwAKgAXAAyABwAEAAJAAZAA0AByADwAH0ARABFACYAE8AKQAXwAzABoAD8AISAZQBlgDngHcAd4BA4CDgIQARYAp4BdQF5gMmAZYAz4BqoD9wIKA~1---&gpp_as=5&cd=.heraldcourier.com&pu=https%3A%2F%2Fheraldcourier.com&ajs_user_id=null&_pubcid=d1865ff5-c4f1-4314-9893-a37f93f94876&resolve=nonId&resolve=uid2&resolve=index&resolve=openx&resolve=pubmatic&resolve=magnite&resolve=bidswitch&resolve=medianet&resolve=sovrn&resolve=connatix&resolve=thetradedesk

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004d.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-175-99.compute-1.amazonaws.com

Software

Resource Hash

b3d3aab79895a1cf2e8359ffdee2b5d41e142484385e24863ee6b0bdcbb55454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 4
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: b3efc9355634ab8b
content-length: 460
expires: Sun, 14 Jul 2024 12:35:47 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4790v887101457za200zb861227858&_p=1720874140074&gcs=G111&gcd=13r3r3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&dt=heraldcourier.com%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&dl=https%3A%2F%2Fheraldcourier.com%2F&sid=1720874142&sct=1&seg=0&_s=2&tfd=8679&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 1346 0
0

GET
H2 200 / Show response
conduit.redfast.com/ping/ 2 KB
1 KB 133ms
133ms Fetch
application/json 108.138.85.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://conduit.redfast.com/ping/?device_type=web&counter=0&chrome_ext=false&

Requested by

Host: 36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com
URL: https://36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-19.iad12.r.cloudfront.net

Software

Resource Hash

42b647ee11f5a95693ab57128f473a77c34bd65c461ed87af5cadc895d9edabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

ANONYMOUS-USER-ID: ca3aa1e756401314cae60a4e07a958429e1236458d1357f0ed369e306b776f71
Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
x-xss-protection: 0
x-request-id: c033f30f-9342-40ec-a0e4-363d13c6681a
x-runtime: 0.018577
rf-endpoint: CF
referrer-policy: strict-origin-when-cross-origin
etag: W/"42b647ee11f5a95693ab57128f473a77"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: RF-ENDPOINT
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
x-amz-cf-id: 4AFIEH3A5nJvMydhhkjcTBfSHDd8yGQCnxd8lD3YkICsQE7JzafkUA==

OPTIONS
H2 200 /
conduit.redfast.com/ping/ Frame 0
0 107ms
106ms Preflight 108.138.85.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://conduit.redfast.com/ping/?device_type=web&counter=0&chrome_ext=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-19.iad12.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymous-user-id
Access-Control-Request-Method: GET
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anonymous-user-id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: RF-ENDPOINT
access-control-max-age: 7200
content-length: 0
date: Sat, 13 Jul 2024 12:35:48 GMT
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-amz-cf-id: PCb4GJ8AInsATNl_en79ycRZQtKo_lsNvMD137cwujl6r6CXH7iZ2A==
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 51ms
50ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je4790v893785645z8887101457za200zb6749731&_p=1720874140074&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ecid=1707540201&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1720874141&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2F&dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&en=ad_impression&ep.domain=heraldcourier.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=homepage&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&ep.query_id=CNTtt-GDpIcDFaaNdwEdcB8JSA&_et=5051&tfd=13675&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 49ms
49ms Fetch
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4790v887101457za200zb861227858&_p=1720874140074&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tcfd=10004&tag_exp=0&cid=1138218325.1720874141&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=3&dt=heraldcourier.com%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&dl=https%3A%2F%2Fheraldcourier.com%2F&sid=1720874142&sct=1&seg=0&en=ad_impression&ep.canonical_url=https%3A%2F%2Fheraldcourier.com%2F&epn.townnews_crm_group_id=35&ep.generator=BLOX&ep.generator_version=1.78.3&ep.query_id=CNTtt-GDpIcDFaaNdwEdcB8JSA&_et=3920&tfd=13683&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.197.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 51ms
51ms XHR
text/plain 172.217.197.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1897129997&t=pageview&_s=1&dl=https%3A%2F%2Fheraldcourier.com%2F&dp=%2F&ul=en-ca&de=UTF-8&dt=Bristol%20Herald%20Courier%20%7C%20Breaking%20News%20%7C%20Read%20Bristol%2C%20VA%20and%20Virginia%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Virginia%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAADACAAIg~&cid=1138218325.1720874141&tid=UA-54716522-7&_gid=1420759543.1720874152&_slc=1&gtm=45He4790n71PDQV3Nv72758733za200&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fheraldcourier.com%2F&cd16=No&cd17=Page%20View&cm1=1604&gcs=G1--&gcd=13l3l3l3l5&dma=0&tcfd=10004&tag_exp=0&z=315856898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:35:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldcourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 43ms
42ms Image
image/gif 54.152.53.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.167&tna=Mather&aid=v1&p=web&tz=America%2FVancouver&tzoff=420&lang=en-CA&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tvcfg=lee&f_privb=0&tid=9053687b-b386-4a6c-8abc-ddbfac3cb46d&pid=495d2cec-8995-44fa-9907-62591c19d514&dtm=1720874153041&qnm=_matherq&visible=1&tabid=3622194b-978f-4068-a8b9-c800a1dd453d&url=https%3A%2F%2Fheraldcourier.com%2F&vp=1600x1200&ds=1600x6759&tofa=1720874143&vid=1&lvidt=1720874143&duid=3e867d5c-f787-42eb-8b17-8a06ee3417ed&cid=ma1527&mrk=725149306&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcyMDg3NDEzODIwMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI3Mi41MTk1NTNtYiIsImhlYXBUIjoiOTAuNTA0MDk3bWIiLCJmc3RQYWludCI6IjE5NjMiLCJmZXRjaFMiOiI2MDQiLCJkb21haW5TIjoiNjA0IiwiZG9tYWluRSI6IjYwNCIsImNvbm5TIjoiNjA0IiwiY29ubkUiOiI2MDQiLCJyZXF1UyI6IjYwOCIsInJlc3BTIjoiNjQzIiwicmVzcEUiOiI3MTgiLCJkb21Mb2FkIjoiNjU0IiwiZG9tSW50ZXIiOiIyMDkxIiwiZG9tTG9hZFMiOiIyMTEwIiwiZG9tTG9hZEUiOiIyMTEzIn19
Requested by: Host: heraldcourier.com
URL: https://heraldcourier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.53.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-53-162.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sat, 13 Jul 2024 12:35:53 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 / Show response
conduit.redfast.com/ping/ 2 KB
1 KB 163ms
163ms Fetch
application/json 108.138.85.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://conduit.redfast.com/ping/?device_type=web&counter=1720874148&chrome_ext=false&

Requested by

Host: 36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com
URL: https://36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com/assets/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-19.iad12.r.cloudfront.net

Software

Resource Hash

56edf8353736c7e6aaccb446b06bf20f00e48f46f00a69cd42d2b270703f8286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

ANONYMOUS-USER-ID: ca3aa1e756401314cae60a4e07a958429e1236458d1357f0ed369e306b776f71
Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 12:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
x-xss-protection: 0
x-request-id: bcc6badb-2a8c-4a11-bc33-4b2d6290f1da
x-runtime: 0.024166
rf-endpoint: CF
referrer-policy: strict-origin-when-cross-origin
etag: W/"56edf8353736c7e6aaccb446b06bf20f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: RF-ENDPOINT
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
x-amz-cf-id: jhB6dIbsHoOHYzJyY6uldadSTUnBoKEDQ_zDZMZxYX9oQGu-tAf_Ew==

OPTIONS
H2 200 /
conduit.redfast.com/ping/ Frame 0
0 105ms
104ms Preflight 108.138.85.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://conduit.redfast.com/ping/?device_type=web&counter=1720874148&chrome_ext=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-19.iad12.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymous-user-id
Access-Control-Request-Method: GET
Origin: https://heraldcourier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anonymous-user-id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: RF-ENDPOINT
access-control-max-age: 7200
content-length: 0
date: Sat, 13 Jul 2024 12:35:53 GMT
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-amz-cf-id: rS5hokGQHt4sNEb8zLdwlG5o7DcBxWVytdDjhQ6v7DIUI5jR23RxDA==
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront

POST
H2 200 publisher:getClientId Show response
ampcid.google.ca/v1/ 3 B
369 B 1505ms
79ms XHR
application/json 209.85.144.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.113 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f113.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 12:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://heraldcourier.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 2CB5
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_...

0
0

108ms
60ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift_n-Outbrain&dcc=t

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 422
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 13 Jul 2024 12:35:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YSBRMYX805YMJMDQB07F

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 12:35:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-LoopMe_n-minuteMedia_bf_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TYEJ5ERK3CVBQ8GZSPY3

GET
H3

200

pd
google-bidout-d.openx.net/w/1.0/ Frame 4730
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

0
0

52ms
51ms

Document
text/html

35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://heraldcourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 451
content-type: text/html
date: Sat, 13 Jul 2024 12:36:03 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 13 Jul 2024 12:36:03 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
BLOB 200
OK 66c06cbd-0692-4ff0-90b0-aaf3b6d8a2d2
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/66c06cbd-0692-4ff0-90b0-aaf3b6d8a2d2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 dcl.htm Show response
rt3006.infolinks.com/action/ 0
60 B 97ms
97ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3006.infolinks.com/action/dcl.htm?rid=a3f4a3b4-343a-47b5-93ff-2754032ab09e&jsv=1936.002-3.034&capara=%7B%22error%22%3A%22ICE_HB%20was%20not%20found%20on%20window%20-%20init%20not%20fired.%22%7D
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldcourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 12:36:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8a2951081de35491-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK d4d1c5a5-9d9d-4019-8641-0703f6f5ed66
https://heraldcourier.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldcourier.com/d4d1c5a5-9d9d-4019-8641-0703f6f5ed66
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

Domain: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/openrtb2/auction

Domain: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/openrtb2/auction

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/display.js?ntv_z=native_ad_grid_v3&ntv_au=ntv547680579&ntv_m=1&ntv_url=https%3A%2F%2Fheraldcourier.com%2F&rand=661501599.2787408&us_privacy=1---

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2F&rid=esp

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240709&jk=3217362809498527&bg=!xcalxonNAAZjPzuvQz87ADQBe5WfOFzbz-fzvoFr9h7GSxmMoq8OKArXYc2AuSfqHUrfW2E0mzIuYuU0Zc3lr68XRxN5AgAAAERSAAAABGgBB34ANlMUGVD5vw1T9UVJMeQ02P2IwebfZmrMULShZ82IISHG7bz6FaJ6Ji-G1rCQqVuyDr3jiLNaaAoAESP2ajOzYmgB-w1FVcgJssu9mQLGlThr0DU1Mfd2MIBSqE3YW7wEzWtvguSi-pgtKxEh6uE8l4TguPUgrv3IEfeVhNGkNo2oOi-0dUFhOwenVZ5MM4YCuTq_5SJwIoA41_mPNY_K8eie9Feqyo9R_5pPXkAzmYSzH8rw12ITgmp1F6pPg9iCbSwUv3eF88UXWYY4g2qt91UayywHPp139PVMQ0NX254B4j7BG4jPtTcG-TBpsmCgfrKY1GXwBo8BzG-anscPOloarvjTZJcpV0JAKvqj9rOsaIT5HSQoyFAtrMS1g2Q0IOqaWv7U_9sbw5hgDL463MUhfymMlJ9GPsyt7bD2Km_VY4bmfCMsFFFABqVvLArTKZBUK0JYP67bxWzOaoDUr7jh8CixzQUGUEDg1HKu47xRpzYsI9QZdx1BDSqUQ1eYWdMFS6-NFZ3jmGPJyyNGfDfvSQjX45skTmFg8nJoC97djOSftncdYg_7t1M-4jtAE4LwOiGX4SVMqaIhbQ0lpvAwQmag_37vHloV2ImNGFIiI1YRTG4wfld-m0pt6UvVcNk_WUQ0-ioYaIbO7qNzcgLv9TPB8rIOYJkXyEROREdbhGgS7fniwyjnNiYr4TAfX3Ulhhoj0gWuQD8k85nX0vvz9Qcs4YYrAup8rYxfxPPKdWVoVx6Sep_v25CkK7CSeu21zAyFx_3O7Ol9O2wqyffIW8OGH6R6aCtSyrPMoVgp77oI50CYvc3Cmge42fVLwVdGkNOK4MdyYIzqRc7oB-agvdq503Jp8Gb7g96f4WvwqCP1NSGyy8sglh0_oiVAKYOIwMrwtkfulIj2ajzMlt5zbXSGNWuIk6bl4eQZCzmxLFzRXbdSULpwq2sDUifV2u9Rn0wRHdn5huMt6RKCOFiaUjeuNFMSAvUIIEhXV4Nj74n_YW3IeOxp2iWuwFiBG02BtKsyyjRT3nqLGHerBE2NTa0

Verdicts & Comments Add Verdict or Comment

428 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

166 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 07:31:28	Name: pid Value: 4737642192760230770
.liadm.com/j	1970-01-21 07:37:14	Name: lidid Value: e0048f5e-8adc-4155-b6e8-ff241d54bc25
i.liadm.com/s	1970-01-20 22:44:26	Name: _li_ss Value: CjQKBQgKELEYCgUIBhCxGAoFCAwQuxgKBgiiARCxGAoFCAsQsRgKBgiLARCxGAoGCNIBELEY
.heraldcourier.com/	1970-01-21 06:46:50	Name: osano_consentmanager_uuid Value: 349fc854-0f2f-46a4-985b-71337680bb84
.heraldcourier.com/	1970-01-21 06:46:50	Name: osano_consentmanager Value: po3MgGNy1icAVPhy-ACIKpUhez54jqJarGsrfSBkdI8AIRraK_-sG1Dhrt0xFT8DMtlYIXYFZf2DQ0nw0MvWvotreVp6hVVWXWx7sePVMBut-eypncfiujtELvWZg450ciKUH8Ck0ETMwACDYO9ETEuVz6Kgjhm0LnCHSVEzA_CFXorRoyWqm9SpiXkpBQDtkzUZ7nxkssiDo9gyBqjkRNaaT-fEFWzN_xJDaomIRZTUpITkAqAkUQMZCXpyTnH2JOflmGiwP3Gh8zKRvNiQkaqTcfkFe60q9DJWes-iHoBXJ-tNNHr8rgyl8_nzoNg1Iv7aYt0HAXyyu6uu-zz25VyFd1gmFUqz44VTGeqmHIxLhk_uosi8mvTu5VJfEr88WVaHyQhVSgtPR090LE7an3hWRHs0Z6BjVtq4TxYp15ebwPk05b4t7Aou1o1cXk3kTdZ5GiKCqIfigTrZRCMW_pbDRnNugD608QI6RkZIW7c8tI0IUwmTDZwRy_Kl_j9gz9ZnQOoGqtbx_qokbLZUR0wDPUGREldOmYIkiVeEKx119AfDnYoxex8VW307XFSt-gF8MI3z3hScNQAyrSEt3dKJ0wM91rxEfKoP3EN43JNP7djNiiw-vVFba5H7j0dUMWzZSf-VYOvdxIHALOOyJWRZFteQdcvUuAHwGhHmtBFbB7mTRMqGg5kFVyeO7ajxKaynCYAZPZj0X95IT9NI3aXNiVyfARU--eqGkVJzaOL40VG-CCw6aH3Amz2nawfKaOBuYaGV0IkgS7wBJ21ee4zAkbzhzjxggbV9i3N1GZ3dB846aT5B6TKnprQ0S5VwzRiwwNI6n2mQQqN7gCbrpQgvd3X5dZp6RuoZU0EaSbOgR_Ue24uw6q0-5r46HILVBWTV0I_Icb873vrDuWj5-elL6tZwp3RWKdV1yQWkb73Srxnd1XKeOFV42CYvrF-_De7X6ieJeISIAwVUIwrTgGHaCje7whu3vExyHOEiEPm9VHoQ2iEHZEFt2rMNtDGtOVz5kRNE5ACN88V6bpxT5M5nhYw00CprLG1aOOf5vUwtZmqgZnlY_AjA4zhcDr0va-PgpP3GsrO1UdrzmxGiNIPhXLZe4lPgVuSqZNSo0S9gDhvflhjs6qrjiml0qAdA0lsFUyi-Nnw30BMzqpMgTzqaNnka56l0rJ9_2EEAdMNP8oTSYkzl5zZbPAKLbp9ImncIQC5d41gzsVrKFlHegdg3n0B40m1YYv8GClgQCVqkDrGldpW-vNM3JVBuNnlX_YCyERbW6HAm79QrrwcntU1ozi5bQFNdi_bu1AcO90N0vO3Pev71If63J0DbVF2Rl88uxrHflwy-F42sSKg9IMtN4MG3iPBoL2jLm4dZq-jmyX3DNFUXzBocw-SoC9-C03yN4Ap-SfEjO1872ELhqlzSsU0XqYqO-TRMjXbugLvN3zIulzAr6N8qDOiJmdbnZd7b9FllfRIQ1f1b0zy2tliydf12bSsX2_QwyZrwcSSd73g1wUXkqV27trHMIP7D0YoHy6_nD6xvTgoMgxa5rW5ORlDizRN8-_tJBM02RE4WkbLRS2fa8iXA7iJzwuH2LG7eHBfCwdgSnDe9Czii-5YywViK3XB7yPAWC6-BN1jEM8OwGVxZGE2MKWpF2ShqOkhYCbIhZ1AwWr7dfTcbrNsVqvvlkLQrQjsB8Q4rUXuqjPXw-eK_rYc-6Wov3-R_sUN7DduVNB6UAfEJvS2CB4fjSRZ4uoVtr3-q0dfSoU7UIcaKRmBU50QR-uiMHUWUeYvvUdxnswipx7OFlviygxB85O63_cdxNZuvSWKCogUDB5bYTUcOii28_bRU3H7DXWCe_387Pi_jbtfkm_icqqgXhYnRb7t70SfDZxirux_MBAbK2tllvs7OfqlBLupE1sHG8y0CbSNbBAB6DSabB32azNB8tH-wZ0_G3S1s8l6kq6whFpyumkddrmrfzMBlZdbcxzirYvk4YGPsNfCYV0eFnbO8uaZsTdlWcXVi_wQWI-h2AHMkRVqLyYeYDF3_NqjKLqy9utS8D25WNrA3jjvu_ky68OsAkl2Rn27FBAiS9uXn9oKIBCvmDQ2KY_ctmd4vbe4c_XySkDo1Y33_FkrvTi_EBWQihnYv2lauCsc_2lrSG2M_MEQrUUQPxRxuTgMXVBwDZBUulH5ghuffRK0SdaZLcFFN357OcEJ10oUusfipy74li_gVwV2qoIqtM6_dCC0_n2vF0QsBOV0POJEuwzffMA5uFnedlO0faVFB2O1yTIF0ZfY6Y4NORijdD4rXusenTe-azSp3zUMgSKPCkS1a7VJz6vtiY-ZOxVJFi3cCCK8X76GKFhT4c0Djfun8j266B0kVKb8O7ZBgHOxG62ehNGPOjWGdELHL50y0sKFyE-AofJSRwZ6bm4P7JN7GcPpJFkiGGF31J4scQoJjIC2QNcY7rpGz8wJ8JQZSfMAWpoQLr-LEKScDvNqNWfFj5L3D9Fjh4FbJIPAy-GfHKGIsOhpDdL_DzySJWVvPqn66zjvC4EPwcnovjoU-NPPi3WuIc1JVl3g2ZgmpE89rp3Z5-MUQmsP_De1mxHJEU-FDiIHuM6ABUyBbjmYMtjcBajnbvFGOSzxsNLFHJjFMeTswOnXF0vvd8Vqsq5gKc3PlWRgsLjALKmACJeNEGICsl-gMl3VCizBE4db60VPIdPifkUY_YBtxOP9CjwfNdAtmz0FTMZnGBFcDWfxYIbaynxZzQ9c6vdsB-vJpwFB8qL484Lr8c1rbvtCwEPuZlOA_B9SHAR2th3n9FYByg6E0lK9ccznhpTYjCb1Q5nBVuPSJidl_VbnacixaHEKHpapZwwmcbXsJ__nW_Rh9W1fenR8IZSqgpYphFNkbK_vVybxhx0e30ASulojpbKVnaddEwXbRChp2MiICf_z_0YMzXMplYCwixKDgeKJUQ_-zzIc5MMG_mwTAMqGJ7WOMRRflCUfoSyPN83EF6pJycN6bp-c5OCbyPK3OxmHQ0qatC7PCOXtPwK3P5T1vdHlnRohmKImQK5yMmAiuegngGyR0Z-Au4p7cf5mZeISKyyZFImEZkdF7ULtN_Rsq1aUMLaqRAX0uucidp7Js_Frv_ZnwZfx7ybkMHU-1OP9n0oxe25AE_MnLjVTh29Nll1cK77ZPuahpUYYKy0-BmnIm0nF4uT9EV7g0ic2BU9VetNxv4kyb0xZ33nYDAkUwKAY=
.heraldcourier.com/	1970-01-21 06:46:50	Name: _pubcid Value: d1865ff5-c4f1-4314-9893-a37f93f94876
.simpli.fi/	1970-01-21 06:48:16	Name: suid Value: F6F6A1686BFA4EB883514629F10A3B52
.adsrvr.org/	1970-01-21 06:46:50	Name: TDID Value: fa2f9952-4a23-4612-ae89-0e7a827dc96e
.heraldcourier.com/	1970-01-21 07:22:50	Name: __gads Value: ID=4f4038be00683337:T=1720874141:RT=1720874141:S=ALNI_MbTQ2IQXQh7t1Ux0eagpyL4xk3wTA
.heraldcourier.com/	1970-01-21 07:22:50	Name: __gpi Value: UID=00000e7413a6d2dd:T=1720874141:RT=1720874141:S=ALNI_MaT4E2u9_QwtLU90rBKOMN4Ftii7A
.heraldcourier.com/	1970-01-21 02:20:26	Name: __eoi Value: ID=4ee796c236f0665d:T=1720874141:RT=1720874141:S=AA-AfjYR1qhzDsxCtkZic2IvviIG
.rubiconproject.com/	1970-01-21 06:46:50	Name: khaos Value: LYK4160Z-25-BKAK
.rubiconproject.com/	1970-01-21 06:46:50	Name: khaos_p Value: LYK4160Z-25-BKAK
.doubleclick.net/	1970-01-21 07:37:14	Name: IDE Value: AHWqTUnFQgVCqgg2wG2gUpdk_QQpTAjU1KOwqBK7hNzse8IRo-AGeWrVousOZkt54rM
.crwdcntrl.net/	1970-01-21 04:30:00	Name: _cc_id Value: 6966b473bd96eb9da59a7c6f20aa20a8
.heraldcourier.com/	1970-01-21 04:30:02	Name: _cc_id Value: 6966b473bd96eb9da59a7c6f20aa20a8
.heraldcourier.com/	1970-01-20 22:02:40	Name: panoramaId_expiry Value: 1720960542134
.heraldcourier.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .heraldcourier.com
.heraldcourier.com/	1970-01-21 07:37:14	Name: _lc2_fpi Value: 3f389ea64a07--01j2p1f2hyqdvn4fpnr6aqf0mf
.heraldcourier.com/	1970-01-21 07:37:14	Name: _lc2_fpi_meta Value: {%22w%22:1720874142270}
heraldcourier.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: f6d22e52-ab0f-45d9-b865-ef6abb3b8e7b
.casalemedia.com/	1970-01-21 06:46:50	Name: CMID Value: ZpJ0n0t3uU8AAHreABaURgAA
.casalemedia.com/	1970-01-21 00:10:50	Name: CMPS Value: 097
.casalemedia.com/	1970-01-21 00:10:50	Name: CMPRO Value: 097
.heraldcourier.com/	1970-01-20 22:01:15	Name: _ml_ses Value: *
.heraldcourier.com/	1970-01-20 22:01:15	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://heraldcourier.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1720874143067%2C%22slts%22:0}
.heraldcourier.com/	1970-01-21 07:30:38	Name: _parsely_visitor Value: {%22id%22:%22pid=d2975bf6-bfa7-4e32-8338-bf608550cbf3%22%2C%22session_count%22:1%2C%22last_session_ts%22:1720874143067}
.infolinks.com/	1970-01-21 07:37:14	Name: cuid Value: c73ec044-f927-4153-baab-926897a09c1b
.infolinks.com/	1970-01-21 00:10:50	Name: IXUSERCOOKIE Value: ZpJ0n0t3uU8AAHreABaURgAA&097
.heraldcourier.com/	1970-01-21 00:10:50	Name: _fbp Value: fb.1.1720874143415.896832726107041185
.intentiq.com/	1970-01-21 07:37:14	Name: intentIQ Value: fYzo5BLKrA
.intentiq.com/	1970-01-21 07:37:14	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 07:37:14	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 07:37:14	Name: CSDT Value: UEQ6MTUzMjRfMCZVSVBVWDJN
.intentiq.com/	1970-01-21 07:37:14	Name: IQPData Value: 2505576691#1720874143732#0#1720874143732
.3lift.com/	1970-01-21 00:10:50	Name: tluidp Value: 3232986166787445379140
.3lift.com/	1970-01-21 00:10:50	Name: tluid Value: 3232986166787445379140
.adkernel.com/	1969-12-31 23:59:59	Name: SSPR_40 Value: aHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vMTUybXVzP3VpZD1BMTcyNTA2MDcyMjcwMTMxNjk1OQ==
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_40 Value: 639242
.adkernel.com/	1970-01-20 22:44:26	Name: ADKUID Value: A1725060722701316959
.infolinks.com/	1970-01-21 00:10:50	Name: TPLSERCOOKIE Value: 3232986166787445379140
.go.sonobi.com/	1970-01-20 22:44:26	Name: __uis Value: b7c67161-af68-45d0-91a7-1903458ece6b
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8694\|ZpJ0o
.liadm.com/	1970-01-21 07:37:14	Name: lidid Value: e0048f5e-8adc-4155-b6e8-ff241d54bc25
.infolinks.com/	1970-01-21 00:10:50	Name: SONOBIUSERCOOKIE Value: b7c67161-af68-45d0-91a7-1903458ece6b
.intentiq.com/	1970-01-21 07:37:14	Name: intentIQCDate Value: 1720874144437
.heraldcourier.com/	1970-01-20 22:44:26	Name: _li_ss Value: CjQKBQgKELEYCgUIBhCxGAoFCAwQuxgKBgiiARCxGAoFCAsQsRgKBgiLARCxGAoGCNIBELEY
.heraldcourier.com/	1970-01-20 22:44:26	Name: _li_ss_meta Value: {%22w%22:1720874144626%2C%22e%22:1723466144626}
.360yield.com/	1970-01-21 00:10:50	Name: tuuid Value: 372c9df0-e91a-49bf-83d0-3b0972a6e814
.360yield.com/	1970-01-21 00:10:50	Name: tuuid_lu Value: 1720874144
.infolinks.com/	1970-01-21 00:10:50	Name: EQVSERCOOKIE Value: 4737642192760230770
.infolinks.com/	1970-01-21 00:10:50	Name: IMDUSERCOOKIE Value: 372c9df0-e91a-49bf-83d0-3b0972a6e814
.the-ozone-project.com/	1970-01-20 22:01:15	Name: __cf_bm Value: XA6wc3b7GZ0H.J.MLpaSVpEWoFNXoJuzi9Gg62nHwzk-1720874144-1.0.1.1-Lwbt_Xqd8LjiqfqsvMg4_1n_kJvwEEcLTqBPrzGXuXnTyxDM._v3viv5WQ.1HreGcoyA1KFVzb4qbvVSz_jetA
.bidswitch.net/	1970-01-21 06:46:50	Name: tuuid Value: 51a0e504-2f74-4402-9bd9-54fc330008a5
.bidswitch.net/	1970-01-21 06:46:50	Name: c Value: 1720874144
.bidswitch.net/	1970-01-21 06:46:50	Name: tuuid_lu Value: 1720874145
.heraldcourier.com/	1970-01-21 06:46:50	Name: _pubcid_cst Value: 2ywILI4shg%3D%3D
.addthis.com/	1970-01-21 07:31:28	Name: na_id Value: 2024071312354512700795135110
.addthis.com/	1970-01-21 07:31:28	Name: na_tc Value: Y
.addthis.com/	1970-01-21 07:31:28	Name: uid Value: 669274a1b4fdd9f6
.addthis.com/	1970-01-21 07:31:28	Name: ouid Value: 669274a10001eb455107d76bdecc3bc137a20c65b9ace9152499
openrtb-us-east-1.axonix.com/	1970-01-20 22:44:26	Name: ax_cx Value: 43537207-4a2c-443a-800b-0eb38bde47f5
.mookie1.com/	1970-01-21 07:30:02	Name: id Value: 10595773665471071635
.mookie1.com/	1970-01-21 07:30:02	Name: mdata Value: 1\|10595773665471071635\|1720874145200
.mookie1.com/	1970-01-21 07:30:02	Name: ov Value: 7272afe7f087100047068fa0ba5fb004
.infolinks.com/	1970-01-21 00:10:50	Name: EMDOUSERCOOKIE Value: 43537207-4a2c-443a-800b-0eb38bde47f5
.dlx.addthis.com/	1970-01-20 22:44:26	Name: na_sc_x Value: 1
.adnxs.com/	1970-01-21 07:37:14	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 07:22:50	Name: uid Value: 52e85601-dd5d-4701-868f-1a9fceb8fff2
.criteo.com/	1970-01-21 07:22:50	Name: receive-cookie-deprecation Value: 1
.heraldcourier.com/	1970-01-21 07:22:50	Name: cto_bundle Value: bei8x19nRGF3ZG9pSlI3c1E1aExUaU1KZXNMSTV3TWk2RCUyRlV2VSUyRk9wVFNkYWdJald3SjdjcjlnVmRUayUyRlhpVVZzRHQlMkY5ZHJCS0ppcnpvWXZKUDBZWCUyRllJJTJCOE1NMVo1Mm5pUzNxZFY5VzUyayUyQlNJVDNEZ3ZOZHBmazZCUzFjbll0c0s4SnNxUTVoWWRHeDZReiUyRjVZWU1jdmFhN3pOcU5kWUJmbFhsbFM4ZzUxQVpVJTNE
.heraldcourier.com/	1970-01-21 06:46:50	Name: ajs_anonymous_id Value: c4c9dc3f-e908-4a37-a090-dda454d8e329
.infolinks.com/	1970-01-21 00:10:50	Name: FRWHUSERCOOKIE Value: a137f31c9cfef7e843217580a17981f5
.mathtag.com/	1970-01-21 07:27:09	Name: uuid Value: 32576692-74a2-4800-b610-6ea9fd99887a
.lijit.com/	1970-01-21 06:46:50	Name: ljt_reader Value: I-_TALZHPZg3i2cpQjmvi3rC
.infolinks.com/	1970-01-21 00:10:50	Name: QORAUSERCOOKIE Value: A1725060722701316959
.infolinks.com/	1970-01-21 00:10:50	Name: SOVRNUSERCOOKIE Value: I-_TALZHPZg3i2cpQjmvi3rC
.heraldcourier.com/	1970-01-21 07:37:14	Name: _ga_S5LKEZJN96 Value: GS1.1.1720874141.1.0.1720874146.0.0.1707540201
.heraldcourier.com/	1970-01-21 07:37:14	Name: _ga_4T2EB147B8 Value: GS1.1.1720874142.1.0.1720874146.0.0.0
.bidswitch.net/	1970-01-20 22:01:14	Name: google_push Value: AXcoOmT52smGk7xYrxq4Vb-7uFyK6UUjAXR1tGU0pJE5E2VZAg_sVi3rMnKGyx5E7-6_LJZARf9092zUbADZXxNnd3lxGA7-UwY
.mediago.io/	1970-01-21 06:46:50	Name: __mguid_ Value: d091f832f71d08602iy40200lyk419x3
.quantserve.com/	1970-01-21 07:31:28	Name: mc Value: 669274a2-ea792-ffdf9-5ed71
.media.net/	1970-01-21 00:10:50	Name: data-inf Value: setstatuscode~~41
.infolinks.com/	1970-01-21 00:10:50	Name: MNETUSERCOOKIE Value: 3638757467669161000V10
.tapad.com/	1970-01-20 23:27:38	Name: TapAd_TS Value: 1720874147363
.tapad.com/	1970-01-20 23:27:38	Name: TapAd_DID Value: 8fab2d55-cf15-480e-abf8-812c53f2806d
.tapad.com/	1970-01-20 23:27:38	Name: TapAd_3WAY_SYNCS Value: 1!4692
.infolinks.com/	1970-01-21 00:10:50	Name: TAUSERCOOKIE Value: 8fab2d55-cf15-480e-abf8-812c53f2806d
.mgid.com/	1970-01-20 22:21:23	Name: lmg_usr Value: ddc5d652-b95c-4c1b-afb1-b5fa7cb24645
.mgid.com/	1970-01-20 22:21:23	Name: lmg_r Value: 13
.infolinks.com/	1970-01-20 22:21:23	Name: MGIDUSERCOOKIE Value: ddc5d652-b95c-4c1b-afb1-b5fa7cb24645
.quantserve.com/	1970-01-21 00:10:50	Name: d Value: EAoBFAGoLLjvsQjbrxA
.infolinks.com/	1970-01-21 00:10:50	Name: QCUSERCOOKIE Value: RZhmwESaPsBeyz7FSpxylBXKOctemzqWRJ9quFQ4
.media.net/	1970-01-21 06:46:50	Name: visitor-id Value: 3638757477669119000V10
.media.net/	1970-01-20 22:21:23	Name: data-g Value: CAESEK8UJ0QaUYeDm2DGpbtzPZU~~3
.advertising.com/	1970-01-21 06:47:11	Name: A3 Value: d=AQABBKN0kmYCEJ6UpBXBZwqxUtjHeqJV4xUFEgEBAQHGk2acZiXaxyMA_eMAAA&S=AQAAAhlRUhU_Q-5t6b0b1pwNNDw
.yahoo.com/	1970-01-21 06:47:11	Name: A3 Value: d=AQABBKR0kmYCEFVKwcBbNzjwd93Wy7tSU1oFEgEBAQHGk2acZiXaxyMA_eMAAA&S=AQAAAgrB7P90qUP1J5_HbJlhL3g
.infolinks.com/	1970-01-21 00:10:50	Name: VRUSERCOOKIE Value: y-Fg8VB1JE2uLYNnsLK5lnUqLo0rKZdbwb~A
.infolinks.com/	1970-01-21 00:10:50	Name: OUTHUSERCOOKIE Value: y-s87H0VFE2uGc9K.YU7gb8kCdjm56O8J5~A
.travelaudience.com/	1970-01-21 07:31:28	Name: _tracker Value: %7B%22UUID%22%3A%22EFFBF246-2A2B-49E2-067C-F58F83A0542F%22%7D
.infolinks.com/	1970-01-21 00:10:50	Name: LOPMUSERCOOKIE Value: eff3753f-3852-42e7-a291-bae4bdbb12ad
.csync.loopme.me/	1970-01-21 00:13:42	Name: viewer_token Value: d94e31ce-b74f-46ea-8fef-a92c87a5db01
.infolinks.com/	1970-01-21 00:10:50	Name: URUSERCOOKIE Value: OPTOUT
.infolinks.com/	1970-01-21 00:10:50	Name: R1USERCOOKIE Value: OPTOUT
.33across.com/	1970-01-21 06:46:50	Name: 33x_ps Value: u%3D212715932435545%3As1%3D1720874149287%3Ats%3D1720874149287
.infolinks.com/	1970-01-21 00:10:50	Name: 33AUSERCOOKIE Value: 212715932435545
.disqus.com/	1970-01-21 06:46:50	Name: zeta-ssp-user-id Value: ua-fc6fccf1-14fd-36d7-9967-d432f490e97f
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 220412
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_3 Value: 622821
.server.cpmstar.com/	1970-01-21 07:22:50	Name: USER_ID Value: %fbu%a6R%10o%eb%a8%efy%c7%d1%3bt%dc
.owneriq.net/	1970-01-21 07:37:14	Name: si Value: Q7741605501448502639P
.owneriq.net/	1970-01-20 22:15:38	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 22:15:38	Name: gguuid Value: 1
.rfihub.com/	1970-01-21 07:22:50	Name: rud Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2tDAxNDc1MTUyMBfiM9Q11c3PNovQTU0z9C8EAGv0x0klAAAA
.rfihub.com/	1970-01-21 07:22:50	Name: eud Value: H4sIAAAAAAAA_1slzmtobmRgYW5iaGpoZmYCAA0lC7kQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2tDAxNDc1MTUyMBfiM9Q11c3PNovQTU0z9C8EAGv0x0klAAAA
.infolinks.com/	1970-01-21 00:10:50	Name: ZTUSERCOOKIE Value: 2019090398417545207
.heraldcourier.com/	1970-01-21 07:37:14	Name: _ga Value: GA1.2.1138218325.1720874141
.heraldcourier.com/	1970-01-20 22:02:40	Name: _gid Value: GA1.2.1420759543.1720874152
.infolinks.com/	1970-01-21 00:10:50	Name: DISUSERCOOKIE Value: ua-fc6fccf1-14fd-36d7-9967-d432f490e97f
.heraldcourier.com/	1970-01-21 07:37:14	Name: _ml_id Value: 3e867d5c-f787-42eb-8b17-8a06ee3417ed.1720874143.1.1720874153.1720874143
gtrace.mediago.io/	1970-01-21 06:46:50	Name: cst_70 Value: ts=1720874154
.amazon-adsystem.com/	1970-01-21 07:37:14	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-21 04:18:30	Name: ad-id Value: A75OqpqZdEldgrrqURRzGnY
.zemanta.com/	1970-01-21 06:46:50	Name: zuid Value: Fd_JlYFkGy2498DnHfJg
.infolinks.com/	1970-01-21 00:10:50	Name: ZMNUSERCOOKIE Value: TDMwQOD-RZ1h-tsu3oou
.lijit.com/	1970-01-21 06:46:50	Name: ljtrtbexp Value: eJyrVjIzU7IyNDcyMrAwNje10FGyMEXjo8kbGqALGBoiC9QCAL3%2FEMc%3D
.lijit.com/	1970-01-21 06:46:50	Name: _ljtrtb_106 Value: 4737642192760230770
.storygize.net/	1970-01-21 07:37:14	Name: U Value: 27667297-dcf8-4993-87ec-fca6bd758f72
.heraldcourier.com/	1970-01-20 22:01:17	Name: AMP_TOKEN Value: %24NOT_FOUND
.creativecdn.com/	1970-01-21 06:46:50	Name: g Value: zJHe0477oK8uE0Znd4sY_1720874159501
.creativecdn.com/	1970-01-21 06:46:50	Name: ts Value: 1720874159
.infolinks.com/	1970-01-21 00:10:50	Name: OXUSERCOOKIE Value: 222b4e24-2f46-4983-882b-b017b0ecdf7a
.lijit.com/	1970-01-21 06:46:50	Name: _ljtrtb_86 Value: 7J_zxwlAAe402pIiGAHyKfX6Iw6k85-JEfDlRUQEA4E
.pubmatic.com/	1970-01-21 06:46:50	Name: KADUSERCOOKIE Value: FAA48287-89DE-4CB0-A77C-21D59DE319B8
.analytics.yahoo.com/	1970-01-21 06:46:50	Name: IDSYNC Value: "18xp~2jj0:175w~2jj0:18z8~2jj0"
.pubmatic.com/	1970-01-21 00:10:50	Name: KRTBCOOKIE_377 Value: 22918-fa2f9952-4a23-4612-ae89-0e7a827dc96e&KRTB&22926-fa2f9952-4a23-4612-ae89-0e7a827dc96e&KRTB&23031-fa2f9952-4a23-4612-ae89-0e7a827dc96e
.dotomi.com/	1970-01-20 22:01:14	Name: DotomiTest Value: 4a3bc5c93c16125f
.pubmatic.com/	1970-01-20 22:44:26	Name: KRTBCOOKIE_148 Value: 19421-uid:F6F6A1686BFA4EB883514629F10A3B52&KRTB&23486-uid:F6F6A1686BFA4EB883514629F10A3B52&KRTB&23489-uid:F6F6A1686BFA4EB883514629F10A3B52&KRTB&23539-uid:F6F6A1686BFA4EB883514629F10A3B52
.pubmatic.com/	1970-01-21 00:10:50	Name: KRTBCOOKIE_80 Value: 22987-CAESEFPfoO1cb1mO1jyBQ1RZaN0&KRTB&23025-CAESEFPfoO1cb1mO1jyBQ1RZaN0&KRTB&23386-CAESEFPfoO1cb1mO1jyBQ1RZaN0
.bidr.io/	1970-01-21 07:29:47	Name: bito Value: AAD6uE7NJOkAABQJWKHnPg
.bidr.io/	1970-01-21 07:29:47	Name: bitoIsSecure Value: ok
.lijit.com/	1970-01-21 06:46:50	Name: ljtrtb Value: eJyrVjI0MFOyUjIxNzY3MzEytDQyNzMwMjYwNzdQ0lGyAEmZe8VXVZTnODqmmhgYFXhmujt6VHqnRZh5lptlW5jqermmueQEhQa6Opq4KtUCAAhyFP4%3D
.lijit.com/	1970-01-21 06:46:50	Name: _ljtrtb_85 Value: AAD6uE7NJOkAABQJWKHnPg
.rubiconproject.com/	1970-01-21 00:10:50	Name: receive-cookie-deprecation Value: 1
.sharethrough.com/	1970-01-20 22:44:26	Name: stx_user_id Value: 5694cb45-4a64-4ac6-9520-bff18ed99810
.adsrvr.org/	1970-01-21 06:46:50	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCLiYsazM0JE9EAUSFQoGZ29vZ2xlEgsI-syZ98rQkT0QBRIXCghhcHBuZXh1cxILCM7_w5eRnoY9EAUSFQoGY2FzYWxlEgsIrNLSgMvQkT0QBRIZCgpsaXZlaW50ZW50EgsI5JCGj8vQkT0QBRIUCgV0YXBhZBILCOaNl6rL0JE9EAUSFwoIcHVibWF0aWMSCwiyj5OgzNCRPRAFEhsKDHNoYXJldGhyb3VnaBILCJCioLDM0JE9EAUYASABKAIyCwjomKPd4tCRPRAFOAFaDHNoYXJldGhyb3VnaGAC
.infolinks.com/	1970-01-21 00:10:50	Name: SHTUSERCOOKIE Value: ea9e795c-a52e-4721-bca1-092477e9688e
.ipredictive.com/	1970-01-21 06:46:50	Name: cu Value: a948ba35-714b-4315-994f-8257395b0988\|1720874161619
.rubiconproject.com/	1970-01-21 06:46:50	Name: audit_p Value: 1\|2Hg2GyP+DrqyxuymxoGjXqdFKcQ/e6f0s6MWNJDGSJrH5NJDjBcymfmkQCdsKqqDBoLnMUlSzq0wHTRO1/p4iHX0qfg68IpFQAPcN3ARK86P6sKO9OB4BxskY+13l4KFOAAwdaXPX1EnJ2V65OMFJG8SYp07d3x7qn3PXhjDfg/REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R8PINyFRbEKpA==
.rubiconproject.com/	1970-01-21 06:46:50	Name: audit Value: 1\|2Hg2GyP+DrqyxuymxoGjXqdFKcQ/e6f0s6MWNJDGSJrH5NJDjBcymfmkQCdsKqqDBoLnMUlSzq0wHTRO1/p4iHX0qfg68IpFQAPcN3ARK86P6sKO9OB4BxskY+13l4KFOAAwdaXPX1EnJ2V65OMFJG8SYp07d3x7qn3PXhjDfg/REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R8PINyFRbEKpA==
.turn.com/	1970-01-21 02:20:26	Name: uid Value: 7333497410514647223
.pubmatic.com/	1970-01-20 22:44:26	Name: KRTBCOOKIE_22 Value: 14911-3918151026405089824&KRTB&23150-3918151026405089824&KRTB&23527-3918151026405089824
.infolinks.com/	1970-01-21 00:10:50	Name: PUBMUSERCOOKIE Value: FAA48287-89DE-4CB0-A77C-21D59DE319B8
.infolinks.com/	1970-01-21 00:10:50	Name: KADUSERCOOKIE Value: FAA48287-89DE-4CB0-A77C-21D59DE319B8~1720881937966
.pubmatic.com/	1970-01-20 22:44:26	Name: KRTBCOOKIE_279 Value: 22890-a948ba35-714b-4315-994f-8257395b0988&KRTB&23011-a948ba35-714b-4315-994f-8257395b0988&KRTB&23355-a948ba35-714b-4315-994f-8257395b0988
.pubmatic.com/	1970-01-20 22:44:26	Name: PugT Value: 1720874162
.sundaysky.com/	1970-01-21 07:37:14	Name: sskyu Value: d6.3162396cec724a46ac26ba042fa06e33
.sundaysky.com/	1970-01-21 07:37:14	Name: sskyCreationTime Value: 1720874162196
.sundaysky.com/	1970-01-20 22:11:18	Name: sskya Value: "e2JmOnt0czoiNGdiY2MyIix0OiJuaSJ9fQ=="
.pubmatic.com/	1970-01-20 22:44:26	Name: SPugT Value: 1720874161
.ads.pubmatic.com/	1970-01-20 22:02:40	Name: KCCH Value: YES
.pubmatic.com/	1970-01-21 00:10:50	Name: chkChromeAb67Sec Value: 6
.pubmatic.com/	1970-01-20 22:02:40	Name: pi Value: 156011:4
.pubmatic.com/	1970-01-21 00:10:50	Name: DPSync3 Value: 1722038400%3A261_260_259_263_201_262%7C1721433600%3A265_252
.pubmatic.com/	1970-01-21 00:10:50	Name: SyncRTB3 Value: 1722038400%3A71_3_166_231_22_54_104_250_46_220_21_13%7C1721433600%3A223_2

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36c6879a-4526-4abb-8e9f-4ebc04002619.redfastlabs.com
5e2aea41339c5faf8c52147b7ac78ac3.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ampcid.google.ca
ampcid.google.com
api.intentiq.com
api.segment.io
b-code.liadm.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.parsely.com
cdn.segment.com
cdnjs.cloudflare.com
cmp.osano.com
conduit.redfast.com
config.aps.amazon-adsystem.com
connect.facebook.net
consent.api.osano.com
d-code.liadm.com
d1eoo1tco6rr5e.cloudfront.net
elb.the-ozone-project.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
heraldcourier.com
i.liadm.com
id.hadron.ad.gt
idx.liadm.com
imasdk.googleapis.com
insight.adsrvr.org
jadserve.postrelease.com
js.matheranalytics.com
lexicon.33across.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pagead2.googlesyndication.com
postrelease.com
resources.infolinks.com
router.infolinks.com
rp.liadm.com
rt3006.infolinks.com
s.amazon-adsystem.com
s.ntv.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sli.heraldcourier.com
static.criteo.net
sync.intentiq.com
tag.simpli.fi
tagan.adlightning.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.bristolnews.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.heraldcourier.com
www.i.matheranalytics.com
c.amazon-adsystem.com
elb.the-ozone-project.com
jadserve.postrelease.com
oajs.openx.net
pagead2.googlesyndication.com
104.16.132.24
104.17.25.14
104.18.35.167
104.22.52.86
104.22.53.173
107.178.250.234
108.138.128.34
108.138.85.19
108.138.85.31
108.138.85.55
108.138.85.76
108.139.29.24
13.32.151.80
13.32.208.13
142.251.163.97
142.251.179.132
15.197.193.217
157.240.229.1
157.240.229.35
172.217.197.102
172.217.197.147
172.253.115.155
172.253.63.154
172.64.144.78
172.66.41.9
172.66.42.247
172.67.23.234
173.194.66.95
18.160.10.80
18.160.51.31
18.165.81.140
18.206.4.140
18.238.49.115
18.238.58.231
192.104.182.109
192.104.183.209
209.85.144.113
209.85.144.157
209.85.201.101
209.85.201.132
23.204.206.35
23.205.106.84
23.9.164.171
34.102.146.192
34.194.161.83
34.231.175.99
34.232.93.132
34.86.110.8
35.244.159.8
35.244.193.51
44.210.250.205
52.36.224.135
52.46.128.147
52.85.131.58
52.85.132.4
54.152.53.162
54.69.251.6
64.233.180.94
74.119.117.17
74.119.117.4
99.86.191.237
99.86.229.88
0073bcbaed2733c7d61767d883b20559622bc8063219d1b70adcd6dd4dcf40fe
02b093ff331be8186a34ae0a2436d77c55fe11695eb85febe54e23f8d7eb8641
03a9f58b7c5f30ee109f720972e19fdc1929fb52c0b504ccc736849ee1986ce4
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
0857d11fef8be7a02171417365501f07d12e4d0fd4969a8ce43b9adffb7b1158
092bbd7d5b73049f15027917d9c91c79784d4c47257a868b9fba05d7ea0ede20
0b2f2a255daaa6008dab986e9c2fc346f3b68264df13b0fd579f3344b1740566
0d0fd41a302491651608058cdb5be0101ba8c7a5cdd316365227d5e81e9ff354
0d621ece174f701a9bb80e8a4db61772f79e70d59a25287cd9a63b465beb6d3a
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1c5dd26bf69598cf33c8355942dad58da3038d499725e46db6ca61a425676f03
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f
1f9f908f59f200c501112c39f0d97c7054013a9f0fa65cb4819cad9a0c2996b2
23b818c0a04ba607bda3fd289f22edc2079cb8166010be3e90c52f39ae51bfdf
24e5027613909b1dad1aec2026851f9c6054c205dd747fa5e36cfb4e5052c2e9
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29bd1f79ce6a664ac35bc5718e0852d02e0f6b54d9bb4a0794ace753c0387bcf
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2da05efa253df31f6689aae783a930ddcdd96286a96cc6aea528f6e3b9365cdd
313f39f8b90f51fd04e2708370e21674be8444df480db62d87382f85ad4e77cf
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd
38c7823ee1bf6034b7896c1bf6d6ae608dbbc1ce3f4106fa9ae23cc0ef3e32f6
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3dc40c1884d5c7ff9d40c64f5c2a67fea3e10a03b45f64def8a58499af2eb838
41c2df4698fc3e1ce03843c7e9e9b3ead8c59f9c7ef2f44308ab561210f5033c
42b647ee11f5a95693ab57128f473a77c34bd65c461ed87af5cadc895d9edabb
43a99c9a02c533e7ee2359abb8903d729b6cbed4fff3b2f7fddaa447bd044cc3
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45782508a28c1f03ebbfd53a3f172c85e77877a18b612b6dd23819cdc35dc54f
4637e05cc2229f04cc819a0b12e4199db3657a3f58e5de140260b9739b65b75c
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc6cd117dd4b9bbe01efb494c3608a4e7f13d8d2b2dc17ffc842e130ddec082
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4eca3e5e1219540cb6a37d795dace8f26164cee214b3da3f11f2ac8897d11db1
4f1540c5087bae5e01a44549d528455d72437ff29d13e537bca45c65ec213ed0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
55fba8edf4d8a364ee5cef9a2f02a95990853247830e392216684632b131e721
56e123c58ef432205f90e32680de69bf58545e1c2e4c52adafe3840ab56468d4
56edf8353736c7e6aaccb446b06bf20f00e48f46f00a69cd42d2b270703f8286
575f40a58bfc080a1634590eea68805a8a05bbc405b715cd2c6ebda46b0d4ef7
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891
586ec898a4756d57bd071ccfc1232a6f478fcdb125dc47068c1295b07674ef8a
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841
5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387
617a958b6e0e77c84dd1bc1eace5ce12994246e0df3a9e4df6df1702b5284d05
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c47049296e192324cb54b6d01589e84904f9b8cb203dee65604d094a6b4545
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6c99489b319b437a61fc68c8239e83a67515a7f3e86929bd3253ca29bbd31732
6de74510362de0baa1fd76663443be0c3390ae06b591d5259942f17e2045c848
700c8235489a75e48acf3e5f6d1ff5d6af1928db0722fcf96bdee5fa986e5fe3
71c8a46b4771d78ee740a13b4e09815517b4c4660de0e28e3fb1e8ad7ed3b2b3
76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc
77bc87880056d395d610a69b8305f7f98288802b0fd1bf7fd31bedfba8f153ff
78520ce342da52a78713cdd653eee0638c424ffd9d8e8d5c45916401c1005bc2
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a075245e7a64b4a1841097d0f9485e0969a2f1124e57518afa2ecb4712cba6e
7adedc362a799da2168fec3a6b8ee1d705edbcbebb4d2fbf456af1f575a2ecae
7b2a7ea474bb545e729268b4086e221ac3d92bef399d0dcf5c57ae843378e314
7c58d825e642307da8aad2562a7a39a8103fa06f97141c6f1b5b57154b128949
7d691d2c845b42841483311725f90261e06c8f1d78cbcc8151b661da7569ed52
843804ef63035459aec71aea910682e219c447aa021dd9a1de7f74b811567520
8c78e90d7fbf3de45ee943559d21b59198773675a0a1bfaaefac4baf833ef05d
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91
8f86f7ceae6779ac38e1a7afa8a63ab2a2c34a41ce21389afd17d9cbbf167269
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
950057446e1d102583e43f28b964079f256fadd96fba877ef6c1e36f21a4b635
969049d73c12a09bb9a6091e27184db02517e3b3839a41f7ef20a7d75b796372
9b46bc1cdac4ab275468dbc876d0db1df58cb4c8e017b6c9bf30fc935e87a846
9bbdc74d56b482e8780a6eeab37492e2e10b9eaec6c8d53dc76d6bd42a7a69a2
9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3
9f68267a658666b4d4376e5849b57229314e917fb9c266ccea0852fcf333e265
a13d9be17a2bfaa9d8e59c267a68d52c152ff9c17e141817732fa27ba43cb450
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
a5d186c4e6175d67113dc2e279617769875fb6cf3ac0ec723f5e415c6776b392
a83a1764bd6972445902cd9bb3378a8afb9300f90ee424a9c7a58ae6bb49876a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
ae897e4b61f8f34bd4e9b4f01f8a23ff37e87316542a72b6e1096ae48e653596
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1d5b4430af3a2762bd52b10babc5e255f43bfd695f2dceb6afa37553be8c08f
b3d3aab79895a1cf2e8359ffdee2b5d41e142484385e24863ee6b0bdcbb55454
b84963e11878bfa08c3870cefd95e4887eb4fa821b97ff1bb14f7a76a793d5c4
b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc2e040a8d3f83cfa2c8f0aa3a256c7340cc166322a1f3c3819426aba6acc84f
bc8fcab474e0504e70a9f79bad0408bc15bb2404523001b492020d92d882a2b4
bf8a676a7f02c526c2946d58540257c34ef4a32ccd46787e08a031073b4ff642
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
ca074d59bfdeafce2bdd51b10da9151c68abe71c2caed53d3a250b9086e7015b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7757eb072d08d857634fe0a4997f9efe4d0c20b614f72858a0d61fe090743c
d06914f0b847d48ec24666fdd1809ccc50dee7169b29ee7c5122d0b2efe08564
d4ac3340e2709533e067e362cc21cbe323f9e77905a4377b6ec67ea7711db6b4
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d88ab89238763b0544c7baaf6c3972b810f290ed7d861884ebf08b4a6076df46
da691c9121865cc84cb038acd5c8cc3b8adcd480c4f1edeaa8bbf8acd532ee0f
de12b9657e65335caf68ac463c3525f83bb3f6fb55d44204adc23085363f60d4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326
e1516994e225310f58d83644b803fe98b3f5e085c86f746dc70b89db11bfabf0
e26560ac1cafd1b40a57a9752030456e204533d0a9de82d86988baa5c7392b07
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e15b8abb8987dc07700ca9e9f4644e22ce6b9da119a848049edafbfe5b1f7d
e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6
e8ad0451663eeb881d08bdaa3b843b013db8bc6e769eee80d5dcdaa9ddefd943
eaa05f83a6ff3de2d1a105f48eb1ea7e3d93d39d05ba429adf035e3a727911c0
eacc85b8852ba94518a0ae128c6b1fb5d67ebb058eb405ab051465ea3bc0081a
ec516dc31a72ec6f2d2e01d6a4e5e38d0aa7e6d4e687deaec53e772089a022cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b393f278e59fd428c7d7048df636230cb5fd29d99cff1cee4439d637e077fa
f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8
f4d093172db78fda9c5b40e1315a9438b3d567a57c0310dc53d6553f0559a7f8
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
feddb72b8b28f210f295fb9f9a5e9e29cebb27598c857d7720d08965e1d4e6c0
ffb4f98cfb15bbdb4c1b6412baa6a661a0d5ff356f52866f88870bf05850380d
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

heraldcourier.com Open in urlscan Pro 192.104.183.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

86 %HTTPS

0 %IPv6

42 Domains

66 Subdomains

61 IPs

2 Countries

3359 kBTransfer

11526 kBSize

166 Cookies

15 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heraldcourier.com Open in urlscan Pro
192.104.183.209 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

86 %
HTTPS

0 %
IPv6

42
Domains

66
Subdomains

61
IPs

2
Countries

3359 kB
Transfer

11526 kB
Size

166
Cookies

225 HTTP transactions
3 data transactions