democratherald.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lebanon-express.com/
Effective URL:
https://democratherald.com/
Submission Tags: tranco_l324
Submission: On April 15 via api (April 15th 2024, 3:36:39 am UTC) from DE — Scanned from DE

Summary HTTP 86 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 86 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is democratherald.com.
TLS certificate: Issued by GTS CA 1P5 on March 23rd 2024. Valid for: 3 months.

This is the only time democratherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
1 10	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
46	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:26d... 2600:9000:26db:8a00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.84.198.126 52.84.198.126	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	18.173.187.86 18.173.187.86	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26db:d400:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.173.154.88 18.173.154.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
86	14

1 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

lebanon-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

democratherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:8a00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.198.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-198-126.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.187.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-86.muc50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:d400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.154.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-88.muc50.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 21974	805 KB
10	democratherald.com 1 redirects democratherald.com	96 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	564 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5218	123 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2592	71 KB
2	gstatic.com www.gstatic.com	13 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 100361	370 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 3229	441 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 311	74 KB
1	lebanon-express.com 1 redirects lebanon-express.com	101 B
86	11

	Domain	Requested by
46	bloximages.chicago2.vip.townnews.com	democratherald.com bloximages.chicago2.vip.townnews.com
10	democratherald.com	1 redirects democratherald.com
6	www.googletagmanager.com	democratherald.com cmp.osano.com
5	cmp.osano.com	democratherald.com cmp.osano.com
3	tagan.adlightning.com	democratherald.com cmp.osano.com
2	www.gstatic.com	democratherald.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	www.google-analytics.com	cmp.osano.com
1	c.amazon-adsystem.com	democratherald.com
1	lebanon-express.com	1 redirects
86	11

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
placement.memoriams.com
www.stringr.com
autos.democratherald.com
www.google.com
www.sciofire.org
www.powerford.com
www.gazettetimes.com
www.lebanon-express.com
www.democratherald.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
democratherald.com GTS CA 1P5	`2024-03-23` - `2024-06-21`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://democratherald.com/
Frame ID: C5CA8EB446E6D17CAE190CB969B60D6B
Requests: 86 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: A5126ADA7BD659921115B6A79A1A1D53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Albany Democrat-Herald | Breaking News| | Read Albany, OR and Oregon breaking news. Get latest news, events and information on Oregon sports, weather, entertainment and lifestyles.

Page URL History Show full URLs

http://lebanon-express.com/ HTTP 307
https://lebanon-express.com/ HTTP 301
https://democratherald.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

86 %
HTTPS

50 %
IPv6

11
Domains

11
Subdomains

14
IPs

3
Countries

1766 kB
Transfer

5169 kB
Size

1
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=democratherald.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fdemocratherald.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 3 months

Search URL Search Domain Scan URL

URL: https://placement.memoriams.com/AlbanyDemocrat-Herald/Obituary/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=democratherald
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlEMW8wAzbW
Title: Share video

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=democratherald.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://autos.democratherald.com/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//Po%20Box%201%2BScio%2BOR%2B97374
Title: Po Box 1, Scio, OR 97374

Search URL Search Domain Scan URL

URL: http://www.sciofire.org/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1107%20N%20Coast%20Hwy%2BNewport%2BOR%2B97365
Title: 1107 N Coast Hwy, Newport, OR 97365

Search URL Search Domain Scan URL

URL: http://www.powerford.com/index.htm
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//P.O.%20BOX%201083%2BCorvallis%2BOR%2B97339
Title: P.O. BOX 1083, Corvallis, OR 97339

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/sports/beavers-sports
Title: Beavers Sports

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/
Title: Corvallis Gazette-Times

Search URL Search Domain Scan URL

URL: http://www.lebanon-express.com/
Title: Lebanon Express

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/online_features/
Title: Online Features

Search URL Search Domain Scan URL

URL: http://www.democratherald.com/app/images/advertising/rate-cards/ratecard.pdf
Title: Advertising Rates

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lebanon-express.com/ HTTP 307
https://lebanon-express.com/ HTTP 301
https://democratherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://democratherald.com/tncms/tracking/business/block/?i=c89a830c-6609-5bb2-b863-033b715353b8,92e696f5-14e6-5efc-8a9f-07d8a0838a35,ae04e627-3ffa-5297-bdb2-e84d6b22f5f1, HTTP 302
https://democratherald.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MTMxNTI0OTUsImlhdCI6MTcxMzE1MjE5NSwicmVkaXJlY3QiOiIvdG5jbXMvdHJhY2tpbmcvYnVzaW5lc3MvYmxvY2svP2k9Yzg5YTgzMGMtNjYwOS01YmIyLWI4NjMtMDMzYjcxNTM1M2I4LDkyZTY5NmY1LTE0ZTYtNWVmYy04YTlmLTA3ZDhhMDgzOGEzNSxhZTA0ZTYyNy0zZmZhLTUyOTctYmRiMi1lODRkNmIyMmY1ZjEsIiwic2VydmljZSI6Il9sYl9yYXRlX2ZvcmVpZ24iLCJzaXRlIjoiZGVtb2NyYXRoZXJhbGQuY29tIn0.H0RcQ7IBdKc4wlNk5tShh4NqIEzZ72beEalVzuW9U8E

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
democratherald.com/
Redirect Chain

http://lebanon-express.com/
https://lebanon-express.com/
https://democratherald.com/

476 KB
55 KB

509ms
241ms

Document
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

8e0f17e1025030186fe22c812defa110babe03657af3a2cbbdee46fc6b923df1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 5127
cache-control: public, max-age=10
content-encoding: gzip
content-length: 53636
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 15 Apr 2024 02:11:05 GMT
etag: W/6a1d346fc6be756ab2cd5994b027ea4f
last-modified: Mon, 15 Apr 2024 02:11:05 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.76.0; app21; 0.77s; 5.6M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://democratherald.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

cache-control: public, max-age=86400
content-length: 0
date: Mon, 15 Apr 2024 03:36:32 GMT
location: https://democratherald.com/

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 369ms
148ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793404
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c789ba0-FRA
expires: Thu, 13 Mar 2025 19:21:47 GMT

GET
H2 200 user.js Show response
democratherald.com/shared-content/art/tncms/user/ 3 KB
2 KB 147ms
145ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:33:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 15:34:13 GMT
x-vcache: HIT
age: 158
etag: W/"660ec875-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 362ms
141ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 275999
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c779ba0-FRA
expires: Thu, 13 Mar 2025 16:43:58 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
13 KB 300ms
79ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793403
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c3f9ba0-FRA
expires: Thu, 13 Mar 2025 19:21:47 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 299ms
78ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1698635
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c409ba0-FRA
expires: Thu, 13 Mar 2025 19:28:18 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 367ms
146ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 275999
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c7d9ba0-FRA
expires: Thu, 13 Mar 2025 15:38:06 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
905 B 357ms
137ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793403
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c7c9ba0-FRA
expires: Thu, 13 Mar 2025 18:04:22 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 300ms
80ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793404
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66920-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c3c9ba0-FRA
expires: Thu, 13 Mar 2025 19:21:47 GMT

GET
H2 200 layout.5bce7eb56c23d79d6ab89ab093c281ea.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 356ms
136ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.5bce7eb56c23d79d6ab89ab093c281ea.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19fa38b5a5d309d4616cdeabd3bc17f6320cf7fb4172e9195e26c5bd22b69e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 479293
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Apr 2024 13:42:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"660d5cdf-26643"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c3d9ba0-FRA
expires: Wed, 09 Apr 2025 14:01:43 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 97 KB
17 KB 301ms
81ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1712905229

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54acdadb35598b38fb51076dee4b5c2fcc7d6afb2e1b69f89bf8a38d871e556b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 244225
cross-origin-resource-policy: cross-origin
last-modified: Fri, 12 Apr 2024 07:00:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6618dc0d-184f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c379ba0-FRA
expires: Sat, 12 Apr 2025 07:06:27 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 297ms
77ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793403
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-183e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c389ba0-FRA
expires: Thu, 13 Mar 2025 18:04:22 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 296ms
76ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802018
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-12c4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c399ba0-FRA
expires: Thu, 13 Mar 2025 15:40:17 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 407 KB
88 KB 270ms
178ms Script
application/javascript 2600:9000:26db:8a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:8a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7c3dd71e488780e2b4deb361906f9f252dad9bfbc04900b826bf090e5b5be420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88992
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:48:14 GMT
server: CloudFront
etag: "4a863f129d779f8e797bdcea4e3c5401"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: zCxGO35ftJaiM-U1TeSB4RhvdxdvVfF3zNsTbjHNrdutf1VwLqIWeg==

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
democratherald.com/shared-content/art/tncms/api/ 70 KB
29 KB 147ms
146ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Origin: https://democratherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:35:55 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 13:48:15 GMT
x-vcache: HIT
age: 38
etag: W/"660c0c9f-1164b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29242
service-worker-allowed: /

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 141ms
49ms Script
application/javascript 52.84.198.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.198.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-198-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:43:45 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 37efbeb485d6113a0b2df63b2f651402.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 15:16:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P5
age: 3169
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: LV73ZxsrOHcMOQpsayj2kCnBIl2ofO_7gF_xj9c3GQQnXguUdYoGtw==

GET
H2 200 democratherald.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 1 KB
616 B 467ms
248ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/democratherald.com.v2.js?_dc=1713147065

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2a2c07e9f50abf3c0bcd1b80336df238efd56ffbc399b8a9cee0aa7dd7b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
last-modified: Tue, 12 Mar 2024 19:18:49 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65f0aa99-46f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c7e9ba0-FRA
expires: Tue, 15 Apr 2025 03:36:33 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 41 KB
11 KB 302ms
83ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802015
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66923-a55f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b2c3e9ba0-FRA
expires: Thu, 13 Mar 2025 15:40:17 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 38ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802325
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-dbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45cdcff9ba0-FRA
expires: Thu, 13 Mar 2025 15:38:07 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 39ms
39ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793403
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1baf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45cdd009ba0-FRA
expires: Thu, 13 Mar 2025 18:04:22 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 13:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Apr 2025 13:57:53 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 145ms
57ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 01:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Apr 2025 01:10:34 GMT

GET
H2 200 messaging.js Show response
democratherald.com/shared-content/art/tncms/api/ 2 KB
1 KB 158ms
157ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:33:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 15:34:13 GMT
x-vcache: HIT
age: 200
etag: W/"660ec875-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
260 B 364ms
145ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793402
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66924-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c7b9ba0-FRA
expires: Thu, 13 Mar 2025 18:04:22 GMT

GET
H2 200 tracking.js Show response
democratherald.com/shared-content/art/tncms/ 3 KB
1 KB 293ms
292ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:33:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 15:34:13 GMT
x-vcache: HIT
age: 158
etag: W/"660ec875-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 prebid8.39.0.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 260 KB
79 KB 403ms
184ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid8.39.0.js?_dc=1710174502

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802325
cross-origin-resource-policy: cross-origin
last-modified: Mon, 11 Mar 2024 16:28:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65ef3126-40e18"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c7a9ba0-FRA
expires: Thu, 13 Mar 2025 15:38:06 GMT

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 359ms
140ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1712905229

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 246353
cross-origin-resource-policy: cross-origin
last-modified: Fri, 12 Apr 2024 07:00:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6618dc0d-2459"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45b9c799ba0-FRA
expires: Sat, 12 Apr 2025 07:05:41 GMT

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
98 KB 62ms
61ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802325
cross-origin-resource-policy: cross-origin
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45cfd129ba0-FRA
expires: Thu, 13 Mar 2025 16:55:46 GMT

GET
H2 200 tracker.js Show response
democratherald.com/shared-content/art/stats/common/ 9 KB
3 KB 294ms
293ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:32:46 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2024 20:00:11 GMT
x-vcache: HIT
age: 226
etag: W/"66159e4b-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 77f60d1c-381f-11ec-896b-83aba96013e0.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/ 5 KB
5 KB 104ms
100ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/77f60d1c-381f-11ec-896b-83aba96013e0.png

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2802325
cf-polished: origFmt=png, origSize=5736
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="77f60d1c-381f-11ec-896b-83aba96013e0.webp"
content-length: 4970
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Oct 2021 18:47:14 GMT
server: cloudflare
x-vcache: MISS
etag: "617af032-1668"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45bac849ba0-FRA
expires: Thu, 13 Mar 2025 15:38:06 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 48ms
48ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1979255
cf-polished: origFmt=png, origSize=3610
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45cfd149ba0-FRA
expires: Sat, 22 Mar 2025 23:19:26 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 15 KB
7 KB 180ms
53ms Script
application/javascript 18.173.187.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-86.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 455366da943213aaaeab2c41c15fee94b115a07720f811aca8d0c5dd267826d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nv6paUxL._U.njq7e7vANs2T_C_cOENq
content-encoding: gzip
via: 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
date: Mon, 15 Apr 2024 03:32:59 GMT
x-amz-cf-pop: MUC50-P4
age: 1091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6577
x-amz-meta-git_commit: 904ac2d
last-modified: Sun, 14 Apr 2024 23:59:01 GMT
server: AmazonS3
etag: "bdab6f468cb766dfaa55b5eb5a412d86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: AYa12s8WxeGNHEoDk18GC1dXtBukFP26zyocOBI5cpySYl4_f4jqYw==

GET
H2 200 democratherald.com.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 1 KB
429 B 89ms
88ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/democratherald.com.js?_dc=1710174502

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58517e014b1eeea18720ea6a8b99d533429519353f2654200aab406d1b190013

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2793401
cross-origin-resource-policy: cross-origin
last-modified: Mon, 11 Mar 2024 16:28:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65ef3126-5b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45bbc8c9ba0-FRA
expires: Thu, 13 Mar 2025 18:04:22 GMT

GET
H2 200 dfp.lazy.ozone.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 17 KB
4 KB 38ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.ozone.js?_dc=1710174502

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be4062dcffa71f30502d5aa870b05c34c7a494a44cb1cf2aaed563bb76ec97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2802325
cross-origin-resource-policy: cross-origin
last-modified: Mon, 11 Mar 2024 16:28:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65ef3126-451b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45c8cd69ba0-FRA
expires: Thu, 13 Mar 2025 16:44:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
82 KB 155ms
65ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba5c6c108f4ad44c395e3e1d7ee3a8181181ef6d2ea850aae2d1651eb29d1df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84029
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 03:36:34 GMT

GET
BLOB 200
OK 7f915862-5657-402b-9dad-f27cd5db8306
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/7f915862-5657-402b-9dad-f27cd5db8306
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 tracker.gif
democratherald.com/shared-content/art/stats/common/ 0
145 B 169ms
169ms Image
image/gif 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://democratherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=171315219410377077016001200679430993925&tnms_dt=Albany%20Democrat-Herald%20%7C%20Breaking%20News%7C%20%7C%20Read%20Albany%2C%20OR%20and%20Oregon%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Oregon%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles.&tnms_upage=1&tnms_do=democratherald.com&tnms_uri=/&tnms_ref=&rt=1713152194104
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
BLOB 200
OK 7310b907-babd-412d-9071-bcf0c1ef58ff
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/7310b907-babd-412d-9071-bcf0c1ef58ff
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 6c2fe775-82e5-4b2e-8e4d-dd8b9107225e
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/6c2fe775-82e5-4b2e-8e4d-dd8b9107225e
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 77f60d1c-381f-11ec-896b-83aba96013e0.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/ 5 KB
0 0ms
0ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/77f60d1c-381f-11ec-896b-83aba96013e0.png
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
cf-cache-status: HIT
age: 2802325
cf-polished: origFmt=png, origSize=5736
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="77f60d1c-381f-11ec-896b-83aba96013e0.webp"
content-length: 4970
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Oct 2021 18:47:14 GMT
server: cloudflare
x-vcache: MISS
etag: "617af032-1668"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45bac849ba0-FRA
expires: Thu, 13 Mar 2025 15:38:06 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
0 0ms
0ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
cf-cache-status: HIT
age: 1979255
cf-polished: origFmt=png, origSize=3610
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45cfd149ba0-FRA
expires: Sat, 22 Mar 2025 23:19:26 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 85cba808-140a-4e39-b3a8-7626d4ba56a6
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/85cba808-140a-4e39-b3a8-7626d4ba56a6
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 221ms
74ms Font
application/font-woff2 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1712905229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1712905229
Origin: https://democratherald.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2165295
cross-origin-resource-policy: cross-origin
content-length: 26164
last-modified: Tue, 12 Mar 2024 18:40:26 GMT
x-vcache: MISS
server: cloudflare
etag: "65f0a19a-6634"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45eacfdbbbb-FRA
expires: Thu, 13 Mar 2025 15:34:06 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 77f60d1c-381f-11ec-896b-83aba96013e0.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/ 5 KB
0 0ms
0ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/77f60d1c-381f-11ec-896b-83aba96013e0.png
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:33 GMT
cf-cache-status: HIT
age: 2802325
cf-polished: origFmt=png, origSize=5736
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="77f60d1c-381f-11ec-896b-83aba96013e0.webp"
content-length: 4970
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Oct 2021 18:47:14 GMT
server: cloudflare
x-vcache: MISS
etag: "617af032-1668"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45bac849ba0-FRA
expires: Thu, 13 Mar 2025 15:38:06 GMT

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ 71 KB
26 KB 72ms
72ms Script
application/javascript 18.173.187.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-86.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 20 Feb 2024 14:48:04 GMT
content-encoding: gzip
via: 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: MUC50-P4
age: 4711711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _1fetExAYHdhDJZuqN-nX6xdHHaizdE5ZfqkAvDMYQmoXBiLR89QLA==

GET
H2 200 bl-1918c9e-ce8a4fb0.js Show response
tagan.adlightning.com/leeenterprises/ 91 KB
38 KB 83ms
82ms Script
application/javascript 18.173.187.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-1918c9e-ce8a4fb0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-86.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28851e461db14990f6e74be12dcee8004e3c2658a175d315f84759bb0221679

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 00:04:30 GMT
content-encoding: gzip
via: 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-version-id: fFjw0wHvSaZA12wzcvk7pilbnVVV4fFq
x-amz-cf-pop: MUC50-P4
age: 12725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38519
x-amz-meta-git_commit: 1918c9e
last-modified: Sun, 14 Apr 2024 23:58:39 GMT
server: AmazonS3
etag: "0efff208ae65ce8580b8b448ad34dd65"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nSFe3YuV3KDa3yFe3t1mBBsxKy-mIypU6lzCQa0H0-OmHxxTB30Zfg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 581 KB
145 KB 145ms
145ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ff935902351dc0f959c9c43a94e82f7e3a5ba6b58759b4315537d9281090ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148438
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 03:36:34 GMT

GET
H2 200 /
cmp.osano.com/ Frame A512 0
0 184ms
43ms Document
text/html 2600:9000:26db:d400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:d400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://democratherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 10307
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Mon, 15 Apr 2024 00:44:48 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-amz-cf-id: zDNWMXSoWXeVAxxS8eVcdG9mUpNU1u9yC7pHLa0ljc54uyFdMF0fCw==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 101 KB
25 KB 75ms
74ms Script
application/javascript 2600:9000:26db:8a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:8a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c75500024a3c8c767aafcfe7f9855172d55a13fb1abcb1c05d3995be3d49e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: As3ysBYQWWdJs69iKKfGN_62d3DGFpJ2
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
date: Sun, 14 Apr 2024 04:33:26 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
age: 83140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:48:09 GMT
server: AmazonS3
etag: W/"ff8096ae05cd6a95a5fe55d5a39057f7"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: x9WiYLM9xKOCpXhkvapZSiqRpvwVxlm8FcH-D8ycSLUYrIDOxnsgAw==

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 31 KB
10 KB 8ms
8ms XHR
application/json 18.173.154.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.173.154.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-88.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://democratherald.com/
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6CQrhzZoeFGHU.a.DOWF4k5Ig9UDV.PL
content-encoding: gzip
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
date: Sun, 14 Apr 2024 06:43:26 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
age: 75237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:48:10 GMT
server: AmazonS3
etag: W/"b4bd683b93fbd2241af81a911cc41c73"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: vzNzGcex_jAKNpABa9g1pR2lltAjfiGznTCdN6piQ-KQV01r88ud2w==

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 496ms
405ms Preflight 18.173.154.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.173.154.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-88.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://democratherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 15 Apr 2024 03:36:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-id: U_n4q_7-Rpv86jFTx0y_KgLTeisrUuHqUrLh9RMhlG0qElXRkJhg7g==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 elections_light.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 1 KB
2 KB 79ms
78ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/elections_light.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2032bc49e7d6fd3f29f4e141353f8152fc44ce8b23e2c3b4fd4a6c572292286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1712905229
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origFmt=png, origSize=3065
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="elections_light.webp"
content-length: 1490
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Apr 2024 07:00:29 GMT
server: cloudflare
x-vcache: MISS
etag: "6614e78d-bf9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45eadc09ba0-FRA
expires: Fri, 11 Apr 2025 00:05:38 GMT

GET
BLOB 200
OK 8f56f539-4ab0-4374-a9eb-d5c703e967c8
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/8f56f539-4ab0-4374-a9eb-d5c703e967c8
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 6619486d02899.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/b6/2b69ae29-7f5e-521b-a768-80a32e055f80/ 33 KB
33 KB 86ms
84ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/b6/2b69ae29-7f5e-521b-a768-80a32e055f80/6619486d02899.preview.jpg?crop=1231%2C692%2C0%2C29&resize=750%2C422&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fddd2ed73572baeb3831eaac01ff205faf623df9d7aae4d6359d054e45a0ab93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: qual=85, origFmt=jpeg, origSize=34559
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6619486d02899.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 14:42:53 GMT
server: cloudflare
x-vcache: MISS
etag: "d8afd273c95841fc7c5913a9a85eabdc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45eddd29ba0-FRA
expires: Mon, 14 Apr 2025 13:35:03 GMT

GET
H2 200 6619f82798983.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/0/9c/09ce1900-f920-11ee-b179-6b73111ed48c/ 12 KB
12 KB 80ms
78ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/0/9c/09ce1900-f920-11ee-b179-6b73111ed48c/6619f82798983.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449a67275ac4fcd1b665053f5a238970e5d343945f587bdb8449e58e24c0902f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origSize=12364, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 13 Apr 2024 03:12:39 GMT
server: cloudflare
x-vcache: MISS
etag: "ae400efb3f040910b96b0b26871ac1d2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45eddd49ba0-FRA
expires: Sun, 13 Apr 2025 20:08:22 GMT

GET
H2 200 64bacdedd9124.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/e2/2e26464c-f6b9-11ee-b9ac-57c0cbd83649/ 5 KB
5 KB 74ms
73ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/e2/2e26464c-f6b9-11ee-b9ac-57c0cbd83649/64bacdedd9124.preview.jpg?crop=752%2C423%2C0%2C204&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396ca2636486b58db2de9b053351ff677ae8eb0e796b0878c305f99d6c36b856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: qual=85, origFmt=jpeg, origSize=5459
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64bacdedd9124.webp"
content-length: 4748
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Apr 2024 21:36:10 GMT
server: cloudflare
x-vcache: MISS
etag: "06c20d32ba9032fdda8d3f6bba07c2de"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45eddd59ba0-FRA
expires: Sun, 13 Apr 2025 19:20:44 GMT

GET
H2 200 6618df6c8b5ec.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/8/aa/8aa1cdee-f833-11ee-8ec5-8b932d6a6d40/ 7 KB
7 KB 75ms
74ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/8/aa/8aa1cdee-f833-11ee-8ec5-8b932d6a6d40/6618df6c8b5ec.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001625a85ac9e2a1f653050ca30a99b5b7190f63fa95c7dbd00217f029709478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: qual=85, origFmt=jpeg, origSize=7535
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6618df6c8b5ec.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 07:14:52 GMT
server: cloudflare
x-vcache: MISS
etag: "43e45bc1c5b29665504911166d1944c8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45eddd69ba0-FRA
expires: Sun, 13 Apr 2025 13:59:06 GMT

GET
H2 200 648cf813d1889.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/0/14/014d12ac-f864-11ee-bdf2-a3e9c68ed393/ 8 KB
8 KB 73ms
72ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/0/14/014d12ac-f864-11ee-bdf2-a3e9c68ed393/648cf813d1889.preview.jpg?crop=640%2C360%2C0%2C60&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3aa684f3f61f7763aec38dac34a5e14daf7ac2117b88717194efa0e871d516d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origSize=8324, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 00:31:30 GMT
server: cloudflare
x-vcache: MISS
etag: "52bfd4b3540ff849d6a2a72761421d9c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45eddd79ba0-FRA
expires: Sun, 13 Apr 2025 13:22:32 GMT

GET
H2 200 66199f9ac080f.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/bb/1bb83052-f861-11ee-8fa7-371e98051a3f/ 11 KB
12 KB 76ms
75ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/bb/1bb83052-f861-11ee-8fa7-371e98051a3f/66199f9ac080f.preview.jpg?crop=1027%2C578%2C80%2C285&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b101b3a310fb8f194c2c2ac068a7d732b22035cc7603e422d400bf001bdb6521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 9937
cf-polished: degrade=85, origSize=13993, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 11552
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 20:54:51 GMT
server: cloudflare
x-vcache: MISS
etag: "3d59e75459f5d3089acd73c9b89000ea"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45eddd89ba0-FRA
expires: Sun, 13 Apr 2025 13:15:26 GMT

GET
H2 200 6618de7900353.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/6/42/6426a7a0-f899-11ee-94dd-5f5453c52dec/ 11 KB
11 KB 84ms
83ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/6/42/6426a7a0-f899-11ee-94dd-5f5453c52dec/6618de7900353.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afe3c5e7763199810359b9e0611d556c2a8bc624dbd7916b518b509fb122822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 126404
cf-polished: origSize=11506, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 11303
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 07:10:49 GMT
server: cloudflare
x-vcache: MISS
etag: "8dc7c05c9c92af4b3806251f56845378"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45eddda9ba0-FRA
expires: Sun, 13 Apr 2025 12:08:14 GMT

GET
H2 200 66187ed124b98.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/be/dbe74486-f793-11ee-80d4-7f283e78aa50/ 17 KB
17 KB 80ms
79ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/be/dbe74486-f793-11ee-80d4-7f283e78aa50/66187ed124b98.preview.jpg?crop=1429%2C804%2C255%2C11&resize=400%2C225&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

410798d1975918972fa414505ce0a4be520f05c965818b4980a8d9cc4f957b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origSize=17333, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 00:22:41 GMT
server: cloudflare
x-vcache: MISS
etag: "75e10b50de14364764c5661851a4cf95"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45edddb9ba0-FRA
expires: Sat, 12 Apr 2025 19:13:53 GMT

GET
H2 200 66199f9ac080f.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/bb/1bb83052-f861-11ee-8fa7-371e98051a3f/ 17 KB
17 KB 77ms
76ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6249f52961d95bfe0c57d7f1d2d5fb84d3a0e5e496ff7180c65488762dce718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34753
cf-polished: qual=85, origFmt=jpeg, origSize=19739
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66199f9ac080f.webp"
content-length: 17634
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 20:54:51 GMT
server: cloudflare
x-vcache: MISS
etag: "70272acd185e0b39ece9ae7384ffdf3c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e45edddc9ba0-FRA
expires: Sun, 13 Apr 2025 12:14:03 GMT

GET
H2 200 6619f82798983.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/0/9c/09ce1900-f920-11ee-b179-6b73111ed48c/ 19 KB
19 KB 81ms
80ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3116e6545664afd49bbea1c908f0716a5aaf7a51ace680fa7ff52ba7ee7f870a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34753
cf-polished: origSize=19513, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 13 Apr 2024 03:12:39 GMT
server: cloudflare
x-vcache: MISS
etag: "51071237caab747f672d783930a592ec"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e45eddde9ba0-FRA
expires: Sun, 13 Apr 2025 19:16:03 GMT

GET
BLOB 200
OK f044c5c3-20a9-4483-80c8-e82d67f4801e
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/f044c5c3-20a9-4483-80c8-e82d67f4801e
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK cbfeb077-28f5-4401-af62-ecaac2eb0cb7
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/cbfeb077-28f5-4401-af62-ecaac2eb0cb7
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 48f36b95-ff69-46d9-ad2c-a1a2b7287e98
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/48f36b95-ff69-46d9-ad2c-a1a2b7287e98
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 66ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Apr 2024 01:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 15 Apr 2024 03:48:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
68 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90bf2153c9c77b5789f35faa8fb517b225f84670d550a0d24f43d6f05cd52b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69833
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 03:36:34 GMT

GET
BLOB 200
OK ca36202e-3035-44db-812f-b325a4ec871b
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/ca36202e-3035-44db-812f-b325a4ec871b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 51893e7f-8a69-4f28-bd94-3d962667472d
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/51893e7f-8a69-4f28-bd94-3d962667472d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
75 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f37b0bbdbf7d3a3c0fdbb40c9551ac3c90bdbc35de36a8d4f6291b472b11ee9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76856
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 03:36:34 GMT

GET
H2 200 icon.ico
democratherald.com/content/tncms/site/ 1 KB
2 KB 108ms
108ms Other
image/x-icon 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 8c3bb297e9cc36c7653352198db7e81eaef176567954ca83b1a5fbe3fe1bd35e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 20:02:15 GMT
last-modified: Fri, 21 Aug 2009 20:37:40 GMT
x-vcache: HIT
age: 27259
etag: "4a8f0594-57e"
content-type: image/x-icon
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 1406

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X3VDDNG4PY&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a2338c81d9e398885adcd944faf0aedf4997b125552638d7c3c0bacdf863432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Apr 2024 03:36:34 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
441 B 50ms
15ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://democratherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
BLOB 200
OK 20ed1a60-8b18-41db-981e-a811a823a3b3
https://democratherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://democratherald.com/20ed1a60-8b18-41db-981e-a811a823a3b3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 65a379345c42c.image.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/3a/13ad4f11-67e2-522e-9d52-d580176cf1d3/ 25 KB
25 KB 17ms
16ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/3a/13ad4f11-67e2-522e-9d52-d580176cf1d3/65a379345c42c.image.jpg?crop=640%2C360%2C0%2C33&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f85ea6bbf47eb48229ea163737e1549060baf00f4ba96cf2a52558aff51154f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34753
cf-polished: origSize=25557, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sun, 14 Jan 2024 06:03:32 GMT
server: cloudflare
x-vcache: MISS
etag: "957ff8767a6cc9e7497af8f704dea09f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e460ef389ba0-FRA
expires: Mon, 14 Apr 2025 15:36:51 GMT

GET
H2 200 661b66f6a8bb1.preview.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/41/14165de8-46ce-555f-82e4-7738a6671c43/ 43 KB
43 KB 20ms
19ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/1/41/14165de8-46ce-555f-82e4-7738a6671c43/661b66f6a8bb1.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origFmt=png, origSize=76405
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="661b66f6a8bb1.webp"
cf-bgj: imgq:85,h2pri
last-modified: Sun, 14 Apr 2024 05:17:42 GMT
server: cloudflare
x-vcache: MISS
etag: "5ae041289fbb3a0b3fd8c5c15ea2037b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e460ef3a9ba0-FRA
expires: Mon, 14 Apr 2025 08:32:56 GMT

GET
H2 200 66187a35c49f2.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/45/d4591dcc-f85e-11ee-a96b-8bae80c5f60d/ 12 KB
12 KB 23ms
22ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/45/d4591dcc-f85e-11ee-a96b-8bae80c5f60d/66187a35c49f2.preview.jpg?crop=1440%2C810%2C0%2C75&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60892d7e7ecaf1df08330da66c77aa24c38e716131298390fcb19f9753849d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34753
cf-polished: qual=85, origFmt=jpeg, origSize=12814
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="66187a35c49f2.webp"
content-length: 12206
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 00:03:02 GMT
server: cloudflare
x-vcache: MISS
etag: "ef7867d59a5ae102485056908885b0d2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e460ef3b9ba0-FRA
expires: Sun, 13 Apr 2025 20:53:37 GMT

GET
H2 200 6610d7b120cbf.image.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/81/f81f0ae4-6da3-5398-89b0-774993393f1d/ 25 KB
25 KB 18ms
18ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/81/f81f0ae4-6da3-5398-89b0-774993393f1d/6610d7b120cbf.image.jpg?crop=640%2C360%2C0%2C24&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921c1303b5e7f52681dae234de9df4dd54cd98704672d6be7526d241ced0a2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 34752
cf-polished: origSize=25546, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 25432
cf-bgj: imgq:85,h2pri
last-modified: Sat, 06 Apr 2024 05:03:45 GMT
server: cloudflare
x-vcache: MISS
etag: "5d932a9b9fd1617d68bf3c397cdfc558"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e460ef3c9ba0-FRA
expires: Sun, 13 Apr 2025 12:35:45 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 279 KB
95 KB 17ms
16ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8eacd585901b705f27b75a376951f4fb8a1c0d4f80248084ce3296d441530141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Apr 2024 03:36:34 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
370 B 147ms
15ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Apr 2024 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://democratherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2

200

challenge
democratherald.com/_services/v1/client_captcha/
Redirect Chain

https://democratherald.com/tncms/tracking/business/block/?i=c89a830c-6609-5bb2-b863-033b715353b8,92e696f5-14e6-5efc-8a9f-07d8a0838a35,ae04e627-3ffa-5297-bdb2-e84d6b22f5f1,
https://democratherald.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MTMxNTI0OTUsImlhdCI6MTcxMzE1MjE5NSwicmVkaXJlY3QiOiIvdG5jbXMvdHJhY2tpbmcvYnV...

3 KB
3 KB

109ms
108ms

Ping
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MTMxNTI0OTUsImlhdCI6MTcxMzE1MjE5NSwicmVkaXJlY3QiOiIvdG5jbXMvdHJhY2tpbmcvYnVzaW5lc3MvYmxvY2svP2k9Yzg5YTgzMGMtNjYwOS01YmIyLWI4NjMtMDMzYjcxNTM1M2I4LDkyZTY5NmY1LTE0ZTYtNWVmYy04YTlmLTA3ZDhhMDgzOGEzNSxhZTA0ZTYyNy0zZmZhLTUyOTctYmRiMi1lODRkNmIyMmY1ZjEsIiwic2VydmljZSI6Il9sYl9yYXRlX2ZvcmVpZ24iLCJzaXRlIjoiZGVtb2NyYXRoZXJhbGQuY29tIn0.H0RcQ7IBdKc4wlNk5tShh4NqIEzZ72beEalVzuW9U8E
Protocol: H2
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: fc35b79029e5aa48e768a8219fe80b88e18155adeb3c64b24e8293e5e1d8006f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://democratherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 03:36:35 GMT
cache-control: no-cache
age: 0
content-length: 3340
content-type: text/html; charset=utf-8

Redirect headers

location: /_services/v1/client_captcha/challenge?request=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MTMxNTI0OTUsImlhdCI6MTcxMzE1MjE5NSwicmVkaXJlY3QiOiIvdG5jbXMvdHJhY2tpbmcvYnVzaW5lc3MvYmxvY2svP2k9Yzg5YTgzMGMtNjYwOS01YmIyLWI4NjMtMDMzYjcxNTM1M2I4LDkyZTY5NmY1LTE0ZTYtNWVmYy04YTlmLTA3ZDhhMDgzOGEzNSxhZTA0ZTYyNy0zZmZhLTUyOTctYmRiMi1lODRkNmIyMmY1ZjEsIiwic2VydmljZSI6Il9sYl9yYXRlX2ZvcmVpZ24iLCJzaXRlIjoiZGVtb2NyYXRoZXJhbGQuY29tIn0.H0RcQ7IBdKc4wlNk5tShh4NqIEzZ72beEalVzuW9U8E
date: Mon, 15 Apr 2024 03:36:35 GMT
cache-control: no-cache, no-store
content-length: 17

GET
H2 200 65bbbf047b9a3.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/1e/21e908b0-c117-11ee-8e2e-6ff56ed6817f/ 10 KB
10 KB 30ms
30ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/1e/21e908b0-c117-11ee-8e2e-6ff56ed6817f/65bbbf047b9a3.preview.jpg?crop=356%2C200%2C22%2C0&resize=356%2C200&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54f715edf9249bf772aff639099ea986b918174090c7974ec35accb8b3ec9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1405641
cf-polished: qual=85, origFmt=jpeg, origSize=11204
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65bbbf047b9a3.webp"
content-length: 9938
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Feb 2024 15:55:48 GMT
server: cloudflare
x-vcache: MISS
etag: "d56915123b9d111a0ee16b4936f8e40e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e4666a7c9ba0-FRA
expires: Thu, 13 Mar 2025 19:55:11 GMT

GET
H2 200 65dd7e8101924.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/4c/44c1c523-3b61-5877-9a37-f05e3ffa56ea/ 85 KB
85 KB 31ms
30ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/4c/44c1c523-3b61-5877-9a37-f05e3ffa56ea/65dd7e8101924.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c36f795e3725cc63308f0ccdd6cbe4472f1ddec1ad5c8acfb3c1dc0257896ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 500175
cf-polished: origFmt=png, origSize=110407
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65dd7e8101924.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Feb 2024 06:17:38 GMT
server: cloudflare
x-vcache: MISS
etag: "ef865a2c45259274f4e7b8ecd0109dba"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e4666a7d9ba0-FRA
expires: Fri, 04 Apr 2025 05:26:44 GMT

GET
H2 200 64c0abe3e21ed.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/29/f296f229-a311-5b92-ad0e-24c7fe62a927/ 15 KB
15 KB 455ms
454ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/29/f296f229-a311-5b92-ad0e-24c7fe62a927/64c0abe3e21ed.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=18498
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64c0abe3e21ed.webp"
content-length: 15462
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 05:15:16 GMT
server: cloudflare
x-vcache: MISS
etag: "890ca208d27e479ae4133d55f8323302"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8748e4666a7e9ba0-FRA
expires: Sun, 16 Mar 2025 05:17:15 GMT

GET
H2 200 6581352736a6f.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/75/f755d9fe-8904-5d66-ab3e-79272d0f6d05/ 82 KB
82 KB 128ms
128ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/75/f755d9fe-8904-5d66-ab3e-79272d0f6d05/6581352736a6f.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://democratherald.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 03:36:35 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=109875
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6581352736a6f.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Dec 2023 06:16:08 GMT
server: cloudflare
x-vcache: MISS
etag: "0c82c2a272254f2268ceb9e8b4968356"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8748e4666a7f9ba0-FRA
expires: Thu, 03 Apr 2025 05:31:31 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.democratherald.com/	1970-01-20 19:52:35	Name: AMP_TOKEN Value: %24NOT_FOUND

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cmp.osano.com
democratherald.com
lebanon-express.com
tagan.adlightning.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.16.133.24
142.250.186.40
18.173.154.88
18.173.187.86
192.104.182.109
192.104.182.209
2600:9000:26db:8a00:3:b7e:8940:93a1
2600:9000:26db:d400:3:b7e:8940:93a1
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
52.84.198.126
001625a85ac9e2a1f653050ca30a99b5b7190f63fa95c7dbd00217f029709478
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1c75500024a3c8c767aafcfe7f9855172d55a13fb1abcb1c05d3995be3d49e6d
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2afe3c5e7763199810359b9e0611d556c2a8bc624dbd7916b518b509fb122822
2ff935902351dc0f959c9c43a94e82f7e3a5ba6b58759b4315537d9281090ab7
3116e6545664afd49bbea1c908f0716a5aaf7a51ace680fa7ff52ba7ee7f870a
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd
396ca2636486b58db2de9b053351ff677ae8eb0e796b0878c305f99d6c36b856
3be4062dcffa71f30502d5aa870b05c34c7a494a44cb1cf2aaed563bb76ec97a
410798d1975918972fa414505ce0a4be520f05c965818b4980a8d9cc4f957b76
449a67275ac4fcd1b665053f5a238970e5d343945f587bdb8449e58e24c0902f
455366da943213aaaeab2c41c15fee94b115a07720f811aca8d0c5dd267826d5
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
54acdadb35598b38fb51076dee4b5c2fcc7d6afb2e1b69f89bf8a38d871e556b
58517e014b1eeea18720ea6a8b99d533429519353f2654200aab406d1b190013
5f85ea6bbf47eb48229ea163737e1549060baf00f4ba96cf2a52558aff51154f
60892d7e7ecaf1df08330da66c77aa24c38e716131298390fcb19f9753849d5b
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7c36f795e3725cc63308f0ccdd6cbe4472f1ddec1ad5c8acfb3c1dc0257896ba
7c3dd71e488780e2b4deb361906f9f252dad9bfbc04900b826bf090e5b5be420
8a2338c81d9e398885adcd944faf0aedf4997b125552638d7c3c0bacdf863432
8c3bb297e9cc36c7653352198db7e81eaef176567954ca83b1a5fbe3fe1bd35e
8e0f17e1025030186fe22c812defa110babe03657af3a2cbbdee46fc6b923df1
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8eacd585901b705f27b75a376951f4fb8a1c0d4f80248084ce3296d441530141
90bf2153c9c77b5789f35faa8fb517b225f84670d550a0d24f43d6f05cd52b90
921c1303b5e7f52681dae234de9df4dd54cd98704672d6be7526d241ced0a2df
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c447506df9ed73c4d2bab46a1477c2858588c62ac4e81606b139e04b94e3ef3
a2032bc49e7d6fd3f29f4e141353f8152fc44ce8b23e2c3b4fd4a6c572292286
a6249f52961d95bfe0c57d7f1d2d5fb84d3a0e5e496ff7180c65488762dce718
a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
ac2a2c07e9f50abf3c0bcd1b80336df238efd56ffbc399b8a9cee0aa7dd7b01b
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b101b3a310fb8f194c2c2ac068a7d732b22035cc7603e422d400bf001bdb6521
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b3aa684f3f61f7763aec38dac34a5e14daf7ac2117b88717194efa0e871d516d
b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991
b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74
ba5c6c108f4ad44c395e3e1d7ee3a8181181ef6d2ea850aae2d1651eb29d1df2
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
c28851e461db14990f6e74be12dcee8004e3c2658a175d315f84759bb0221679
c54f715edf9249bf772aff639099ea986b918174090c7974ec35accb8b3ec9f0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d19fa38b5a5d309d4616cdeabd3bc17f6320cf7fb4172e9195e26c5bd22b69e1
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f37b0bbdbf7d3a3c0fdbb40c9551ac3c90bdbc35de36a8d4f6291b472b11ee9e
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fc35b79029e5aa48e768a8219fe80b88e18155adeb3c64b24e8293e5e1d8006f
fddd2ed73572baeb3831eaac01ff205faf623df9d7aae4d6359d054e45a0ab93

democratherald.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

86 %HTTPS

50 %IPv6

11 Domains

11 Subdomains

14 IPs

3 Countries

1766 kBTransfer

5169 kBSize

1 Cookies

19 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

democratherald.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

86 %
HTTPS

50 %
IPv6

11
Domains

11
Subdomains

14
IPs

3
Countries

1766 kB
Transfer

5169 kB
Size

1
Cookies

86 HTTP transactions
2 data transactions