democratherald.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://democratherald.com/
Submission: On November 26 via api (November 26th 2024, 12:01:50 am UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 80 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is democratherald.com.
TLS certificate: Issued by WR1 on October 9th 2024. Valid for: 3 months.

This is the only time democratherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
45	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:6600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
3	18.245.31.96 18.245.31.96	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:9c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.102.13 18.66.102.13	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
80	13

11 192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net

democratherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:6600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.31.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-96.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-13.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26052	883 KB
11	democratherald.com democratherald.com	90 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	629 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5209	129 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2835	117 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	186 KB
2	gstatic.com www.gstatic.com	12 KB
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347	85 KB
80	8

	Domain	Requested by
45	bloximages.chicago2.vip.townnews.com	democratherald.com bloximages.chicago2.vip.townnews.com
11	democratherald.com	democratherald.com
6	www.googletagmanager.com	democratherald.com cmp.osano.com
5	cmp.osano.com	democratherald.com cmp.osano.com
3	tagan.adlightning.com	democratherald.com cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	www.gstatic.com	democratherald.com
1	c.amazon-adsystem.com	democratherald.com
80	8

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
gazettetimes.obituaries.com
www.stringr.com
autos.democratherald.com
www.google.com
www.gazettetimes.com
www.lebanon-express.com
www.democratherald.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
democratherald.com WR1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M02	`2024-09-17` - `2025-10-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://democratherald.com/
Frame ID: 90E6025F6DC0589D82F9EC7E228D7A90
Requests: 74 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: D8A1730947BB8AF66E07F30B05A923C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Albany Democrat-Herald | Breaking News| | Read Albany, OR and Oregon breaking news. Get latest news, events and information on Oregon sports, weather, entertainment and lifestyles.

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

94 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

13
IPs

3
Countries

2130 kB
Transfer

6044 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=democratherald.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fdemocratherald.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 3 months

Search URL Search Domain Scan URL

URL: https://gazettetimes.obituaries.com/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=gazettetimes
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlEMW8wAzbW
Title: Share video

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/PaymentPagePromo.aspx?Domain=democratherald.com
Title: Gift Subscriptions

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=democratherald.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://autos.democratherald.com/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//38757%20Highway%20226%2BScio%2BOR%2B97374
Title: 38757 Highway 226, Scio, OR 97374

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//351%20W%20PINE%20STREET%2BSWEET%20HOME%2BOR%2B97386
Title: 351 W PINE STREET, SWEET HOME, OR 97386

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//5335%20Sw%20Meadows%20Rd%20Ste%20190%2BLake%20Oswego%2BOR%2B97035
Title: 5335 Sw Meadows Rd Ste 190, Lake Oswego, OR 97035

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/sports/beavers-sports
Title: Beavers Sports

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/
Title: Corvallis Gazette-Times

Search URL Search Domain Scan URL

URL: http://www.lebanon-express.com/
Title: Lebanon Express

Search URL Search Domain Scan URL

URL: http://www.gazettetimes.com/online_features/
Title: Online Features

Search URL Search Domain Scan URL

URL: http://www.democratherald.com/app/images/advertising/rate-cards/ratecard.pdf
Title: Advertising Rates

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
democratherald.com/ 371 KB
50 KB 696ms
146ms Document
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.us-midwest-1.vip.tn-cloud.net

Software

Resource Hash

03df57a5603209dbaa243fc27aea0a73b23f2980e4a004a8ad5bddcca4c0e003

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 4790
cache-control: public, max-age=10
content-encoding: gzip
content-length: 49276
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 25 Nov 2024 22:41:45 GMT
etag: W/2e730e8e250d737a32897107442240d6
last-modified: Mon, 25 Nov 2024 22:41:44 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.83.2; app6; 0.63s; 4.8M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://democratherald.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 563ms
170ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
expires: Thu, 13 Mar 2025 19:21:47 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efc444f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
democratherald.com/shared-content/art/tncms/user/ 4 KB
2 KB 292ms
288ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6740ec95-ee3"
age: 39
accept-ranges: bytes
content-length: 1658
date: Tue, 26 Nov 2024 00:00:56 GMT
last-modified: Fri, 22 Nov 2024 20:41:57 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 674ms
288ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
expires: Tue, 24 Jun 2025 11:10:11 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181544f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 674ms
289ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671917af-841f"
expires: Fri, 07 Nov 2025 08:40:21 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Wed, 23 Oct 2024 15:35:11 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181344f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 670ms
284ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6734b374-2d77"
expires: Fri, 21 Nov 2025 04:06:30 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 14:11:00 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181b44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.0758030105fdd3a70dff03f4da4530e2.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 673ms
288ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6707d183-1166"
expires: Wed, 15 Oct 2025 19:01:05 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Oct 2024 13:07:15 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181444f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1636
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 668ms
283ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d97d2-9b8"
expires: Thu, 03 Jul 2025 14:00:04 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Jun 2024 16:48:18 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181844f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 555ms
170ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"666b3497-1ac2e"
expires: Tue, 24 Jun 2025 11:53:52 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: text/css
last-modified: Thu, 13 Jun 2024 18:04:07 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efbe44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 636ms
252ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f1b7c5-26de1"
expires: Wed, 01 Oct 2025 19:01:08 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2024 18:47:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efc044f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34470
server: cloudflare

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
20 KB 555ms
171ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1730880032

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"672b2220-187ab"
expires: Thu, 06 Nov 2025 08:06:26 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: text/css
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efbf44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20739
server: cloudflare

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 896ms
511ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-183e"
expires: Thu, 13 Mar 2025 18:04:22 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efbc44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1979
server: cloudflare

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 634ms
251ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-12c4"
expires: Thu, 13 Mar 2025 15:40:17 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efbd44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1376
server: cloudflare

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 426 KB
91 KB 1032ms
241ms Script
application/javascript 2600:9000:223c:6600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

22df440276ff65997f69631be302f9a7f9385225b82a5b2ad1ae1818ba7cb019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
etag: "0ca2090488ecdcb36890cce853a22c25"
age: 4644
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: kHAtdwRtvI3_wVOZlEarsKroih9iPDERrnRsCYuEsxq1FGvN_WedrA==
date: Mon, 25 Nov 2024 22:44:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 11 Nov 2024 20:14:44 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
content-length: 92656
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: CloudFront

GET
H2 200 csrf.js Show response
democratherald.com/shared-content/art/tncms/api/ 940 B
763 B 238ms
216ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://democratherald.com
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6740ec95-3ac"
age: 229
accept-ranges: bytes
content-length: 537
date: Mon, 25 Nov 2024 23:57:46 GMT
last-modified: Fri, 22 Nov 2024 20:41:57 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
democratherald.com/shared-content/art/tncms/api/ 71 KB
29 KB 664ms
642ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://democratherald.com
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67214290-11c3d"
age: 272
accept-ranges: bytes
content-length: 29787
date: Mon, 25 Nov 2024 23:57:03 GMT
last-modified: Tue, 29 Oct 2024 20:16:16 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 1081ms
291ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f4218dbb17ff2c3421282ef9135e5375"
age: 319
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Rr1T0pg8uzrHBQOzkTLWsNRp7tWMUW1rU_a1KT7JoDiQkQQ-I9ylQg==
date: Mon, 25 Nov 2024 23:56:18 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 democratherald.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 1 KB
644 B 546ms
251ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/democratherald.com.v2.js?_dc=1732574504

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7626999cc4d0fae2d315ea204bb13ca262a805f6368caaac2c6487ef966601dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67441293-471"
expires: Wed, 26 Nov 2025 00:01:36 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Nov 2024 06:00:51 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efc344f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 512
server: cloudflare

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 41 KB
13 KB 579ms
284ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6734b376-a55f"
expires: Fri, 21 Nov 2025 05:02:26 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 14:11:02 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181e44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12674
server: cloudflare

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
2 KB 326ms
312ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-dbe"
expires: Thu, 13 Mar 2025 15:38:07 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abce44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1322
server: cloudflare

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 326ms
312ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-1baf"
expires: Thu, 13 Mar 2025 18:04:22 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abcf44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2388
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 415ms
56ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
age: 462785
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:28:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:28:33 GMT
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3945
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
8 KB 415ms
57ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
age: 1415
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 23:38:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 23:38:03 GMT
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8653
x-xss-protection: 0
server: sffe

GET
H2 200 messaging662.js Show response
democratherald.com/shared-content/art/tncms/api/ 2 KB
1 KB 494ms
480ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/api/messaging662.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6740ec95-9ce"
age: 41
accept-ranges: bytes
content-length: 891
date: Tue, 26 Nov 2024 00:00:56 GMT
last-modified: Fri, 22 Nov 2024 20:41:57 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
304 B 579ms
284ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d97d4-cf"
expires: Thu, 03 Jul 2025 13:27:49 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Jun 2024 16:48:20 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181c44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
democratherald.com/shared-content/art/tncms/ 3 KB
1 KB 1031ms
1010ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"6740ec95-a3a"
age: 183
accept-ranges: bytes
content-length: 1157
date: Mon, 25 Nov 2024 23:58:32 GMT
last-modified: Fri, 22 Nov 2024 20:41:57 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 prebid9.18.0.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 254 KB
98 KB 579ms
284ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid9.18.0.js?_dc=1732003230

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f62065769ce7d8df88cc0d6357889ac8b8aef08d565d2773cfaf2a10e45c129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c459e-3f75c"
expires: Wed, 19 Nov 2025 08:05:34 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 08:00:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ada181f44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 100156
server: cloudflare

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 546ms
251ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1730880032

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"672b2220-2c45"
expires: Thu, 06 Nov 2025 08:06:26 GMT
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ad9efc244f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3556
server: cloudflare

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 248ms
235ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
expires: Wed, 17 Sep 2025 19:01:31 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abd044f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H2 200 tracker.js Show response
democratherald.com/shared-content/art/stats/common/ 9 KB
3 KB 1011ms
1002ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66f6f794-2200"
age: 119
accept-ranges: bytes
content-length: 3224
date: Mon, 25 Nov 2024 23:59:37 GMT
last-modified: Fri, 27 Sep 2024 18:21:08 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 77f60d1c-381f-11ec-896b-83aba96013e0.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/ 5 KB
5 KB 278ms
122ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/custom/image/77f60d1c-381f-11ec-896b-83aba96013e0.png

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "617af032-1668"
cf-cache-status: HIT
expires: Fri, 20 Jun 2025 18:11:57 GMT
cf-polished: origFmt=png, origSize=5736
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: image/webp
content-disposition: inline; filename="77f60d1c-381f-11ec-896b-83aba96013e0.webp"
vary: Accept
last-modified: Thu, 28 Oct 2021 18:47:14 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859adc9a2944f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4970
server: cloudflare

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 247ms
234ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "551dba72-e1a"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:38:02 GMT
cf-polished: origFmt=png, origSize=3610
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/webp
content-disposition: inline; filename="user_no_avatar.webp"
vary: Accept
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abd244f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 978
server: cloudflare

GET
H2 200 newsplus_white.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 372ms
216ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1730880032

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "672b2220-2106"
cf-cache-status: HIT
expires: Fri, 21 Nov 2025 18:28:44 GMT
cf-polished: origFmt=png, origSize=8454
date: Tue, 26 Nov 2024 00:01:36 GMT
content-type: image/webp
content-disposition: inline; filename="newsplus_white.webp"
vary: Accept
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859adc9a2b44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4248
server: cloudflare

GET
H2 200 logo-tagline.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 633ms
592ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1730880032

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "672b2220-2ac5"
cf-cache-status: HIT
expires: Sat, 22 Nov 2025 16:50:35 GMT
cf-polished: origFmt=png, origSize=10949
date: Tue, 26 Nov 2024 00:01:37 GMT
content-type: image/webp
content-disposition: inline; filename="logo-tagline.webp"
vary: Accept
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859adefc4344f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5302
server: cloudflare

GET
H2 200 chat-icon.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 7 KB
8 KB 243ms
231ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/chat-icon.png?_dc=1730880032

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f137312b1d4bdc91f95cf45b49598ea4a652a4569a623ea5bc4a1ff26b49c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "672b2220-3c6f"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 12:30:31 GMT
cf-polished: origFmt=png, origSize=15471
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/webp
content-disposition: inline; filename="chat-icon.webp"
vary: Accept
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abd344f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7600
server: cloudflare

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 14 KB
7 KB 883ms
671ms Script
application/javascript 18.245.31.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643cbd7853a7f813c34d88c6df4c5d4701d1c09902d0cc14c783588e2556ada3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
x-amz-version-id: 7A0NQqatKgLBPbwV1OKcC_tAr.pExbMW
etag: "2758f04da2f0d9d8b1040a3ce1c44fec"
age: 2165
x-cache: Hit from cloudfront
x-amz-cf-id: i2FAcriMpFCFTbjPkuA_MKkuYBSPjCHHTOZv0HD7qaiV9FDnXtJTKw==
date: Mon, 25 Nov 2024 23:27:24 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Mon, 25 Nov 2024 18:45:30 GMT
cache-control: max-age=3600
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6630
x-amz-meta-git_commit: bde0e05
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 democratherald.com.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 3 KB
861 B 244ms
229ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/democratherald.com.js?_dc=1732003230

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fae96a781afa3d6d7994f7a11448be56362d5554cbef0e36af541cf8407660e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c459e-d34"
expires: Wed, 19 Nov 2025 08:05:34 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 08:00:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abca44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 712
server: cloudflare

GET
H2 200 dfp.lazy.ozone.js Show response
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 20 KB
6 KB 247ms
232ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.ozone.js?_dc=1732003230

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d15ee53e91b5f294115b9067074bfac984c9bf85db7dc65eefcc9a2a29adf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c459e-50a8"
expires: Wed, 19 Nov 2025 08:05:35 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 08:00:30 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae6abcd44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5579
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
78 KB 446ms
50ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f9e603a7a7572daf41ab396339500cc3c3f39ab3dde66d945df667cbe20e75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 00:01:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79641
x-xss-protection: 0
server: Google Tag Manager

GET cc6e41c7-7ec1-4b78-ad33-ec1b372ee47e
https://democratherald.com/ Frame 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
34 KB 455ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b15066725de3da8098914129385cd56c859995bff9afa3389d9f1e2d154b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
etag: 889 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 00:01:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33816
x-xss-protection: 0
server: cafe

GET
H2 200 tracker.gif
democratherald.com/shared-content/art/stats/common/ 0
145 B 281ms
281ms Image
image/gif 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://democratherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1732579298525320320160012001048752597523&tnms_dt=Albany%20Democrat-Herald%20%7C%20Breaking%20News%7C%20%7C%20Read%20Albany%2C%20OR%20and%20Oregon%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Oregon%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles.&tnms_upage=1&tnms_do=democratherald.com&tnms_uri=/&tnms_ref=&rt=1732579298525
Requested by: Host: democratherald.com
URL: https://democratherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: MISS
cache-control: no-cache, no-store
etag: "48f79fed-0"
age: 0
accept-ranges: bytes
content-length: 0
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/gif
last-modified: Thu, 16 Oct 2008 20:11:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 592 KB
154 KB 195ms
123ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55adc8a12655c689528669a2122b3e45302e6685bf44b97ddf75e90b3f0d69aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 00:01:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 157215
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 256ms
163ms Font
application/font-woff2 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1730880032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://democratherald.com
Referer: https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1730880032

Response headers

x-robots-tag: noarchive
cf-cache-status: HIT
etag: "672b2220-6634"
expires: Thu, 06 Nov 2025 11:52:10 GMT
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: application/font-woff2
last-modified: Wed, 06 Nov 2024 08:00:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae9ede4e506-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26164
server: cloudflare

GET
H2 200 6744d6fe00914.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/b4/4b4f2cd8-ab55-11ef-a095-dbe5cbe30508/ 75 KB
75 KB 1240ms
1219ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/b4/4b4f2cd8-ab55-11ef-a095-dbe5cbe30508/6744d6fe00914.preview.jpg?crop=1748%2C983%2C5%2C27&resize=750%2C422&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4381a77f9636bc0d0e9c711acb7bc87f4bf48a712885eec824fbb4ca59c90739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "bc5f535a5f4446fdcf26f60e06b929e9"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 21:56:18 GMT
cf-polished: degrade=85, origSize=77612, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 19:58:56 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7144f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6742212359537.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/53/253a8548-a9c9-11ef-a9a1-57ea56edc0b1/ 9 KB
9 KB 1219ms
1199ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/53/253a8548-a9c9-11ef-a9a1-57ea56edc0b1/6742212359537.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f05ac507749c8d65ccee77419998cce6393f3e4ac561d4ddcb339a5ae69ff71d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "a21ea047545c49944e1d00788e7adb1f"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:27:12 GMT
cf-polished: degrade=85, origSize=9660, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 18:38:29 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7244f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9424
server: cloudflare

GET
H2 200 6740e796839c4.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/de/fde288bc-a90d-11ef-a612-b3911022a055/ 10 KB
10 KB 1236ms
1216ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/de/fde288bc-a90d-11ef-a612-b3911022a055/6740e796839c4.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b8029ff77e78b7d7e169d7601cc15dda745f4a2aa25fbec490e502d01d01900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "aa4298c4a0af4ad173f1938c5a1065f1"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:15:11 GMT
cf-polished: degrade=85, origSize=13378, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 20:20:41 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7344f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 674415923aa2d.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/85/285b0cac-aaeb-11ef-ba44-e3f7ed678ddb/ 13 KB
13 KB 1232ms
1212ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/85/285b0cac-aaeb-11ef-ba44-e3f7ed678ddb/674415923aa2d.preview.jpg?crop=954%2C537%2C209%2C93&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5489928449a9e413eed5cd6385d4e6645d32f38e7a3acdd1099e8fb1802953dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "a1bdd000b783a37b872ff4ff9a67cc9e"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:11:43 GMT
cf-polished: degrade=85, origSize=15611, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 06:13:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7444f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12802
server: cloudflare

GET
H2 200 6741f03316372.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/6/8c/68c8c49b-be12-506a-83dd-e6be2a4c0da0/ 11 KB
11 KB 1225ms
1205ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/6/8c/68c8c49b-be12-506a-83dd-e6be2a4c0da0/6741f03316372.preview.jpg?crop=1763%2C992%2C0%2C92&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65cbe1f4d862c64cd5e8ff90ecc770b0c3f3f5d23bc8be40a0d2bd671617ece8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "f9674f5c253e838beacc8ffe4c43b4fb"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 13:43:18 GMT
cf-polished: origSize=11704, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 15:09:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7544f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11097
server: cloudflare

GET
H2 200 6741a24302b3c.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/c8/fc855538-a97d-11ef-9822-4bffcec77b24/ 12 KB
13 KB 1223ms
1203ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/c8/fc855538-a97d-11ef-9822-4bffcec77b24/6741a24302b3c.preview.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53286b733d0c283d0e640ff9a320b1a396b56aa761332b7ff00df526bdccc889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "4b305d852e491e5adc5e1f6cbb10984b"
cf-cache-status: HIT
expires: Sun, 23 Nov 2025 14:50:22 GMT
cf-polished: degrade=85, origSize=15892, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 09:37:08 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7644f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12754
server: cloudflare

GET
H2 200 674117c9a951a.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/a8/da8825f8-a92a-11ef-adf5-8ff83224df12/ 15 KB
16 KB 1226ms
1207ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/d/a8/da8825f8-a92a-11ef-adf5-8ff83224df12/674117c9a951a.preview.jpg?crop=1656%2C932%2C6%2C314&resize=300%2C169&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd26d508c362a971b9f13f4b7873b14632e32415ed57a299cfd93daa4c491d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "4239bee15676581c7afb8967595eab74"
cf-cache-status: HIT
expires: Mon, 24 Nov 2025 17:49:28 GMT
cf-polished: degrade=85, origSize=15978, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 23:46:20 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7744f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15835
server: cloudflare

GET
H2 200 6742212359537.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/53/253a8548-a9c9-11ef-a9a1-57ea56edc0b1/ 16 KB
16 KB 1236ms
1218ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a69ed6943a64cbfd0dec355b1391b12027d8bfc527d655608d1f02b653d8695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6a97e8617b3a38ec708b58428525852b"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:45:41 GMT
cf-polished: degrade=85, origSize=16142, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 18:38:29 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7844f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16019
server: cloudflare

GET
H2 200 6740e796839c4.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/de/fde288bc-a90d-11ef-a612-b3911022a055/ 17 KB
18 KB 1232ms
1214ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d015a6cc63d97284bdd10ccc09724e6546422550aedc5cba5baa1a04b6b5450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "d00445d82b6550f143bbf627e95d1750"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 15:19:15 GMT
cf-polished: degrade=85, origSize=20369, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:38 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 20:20:41 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859ae96e7944f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 b-bde0e05-a31c1d91.js Show response
tagan.adlightning.com/leeenterprises/ 73 KB
27 KB 112ms
62ms Script
application/javascript 18.245.31.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-bde0e05-a31c1d91.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae430a258ffde47a171258a1656d9c05d184bb95be9a89e331c6e6a50276117

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
etag: "5c6b86c4d2321f349148adf02b0546d4"
x-amz-version-id: rbp0uFbJnECSpK.o.xqEX.XBrh5lX2ZH
age: 1670754
x-cache: Hit from cloudfront
x-amz-cf-id: UuKJ0HOCgYsRBpW9pluBE9bl0dI7Hm308aE8RLflCHDOhtkd37Uw4Q==
date: Wed, 06 Nov 2024 15:55:46 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 15:55:09 GMT
cache-control: max-age=31536000
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 27274
x-amz-meta-git_commit: bde0e05
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bl-903bc3c-3863d4e4.js Show response
tagan.adlightning.com/leeenterprises/ 229 KB
83 KB 277ms
243ms Script
application/javascript 18.245.31.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-903bc3c-3863d4e4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79b1e96bbcd2b88631c02da8bed54be51ec02acea151393098cb2d591b60ea6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: gzip
etag: "cf912f1074863e832cfc5f26029fa6f1"
x-amz-version-id: CdZALDAF8j3JjTxxGwRdQQsWGc5afeiD
age: 16584
x-cache: Hit from cloudfront
x-amz-cf-id: VFHMBxRXL-BbvhSRz4-km1tSbIeAAl2ipn9IV3oFCLQ40bm1BbinsA==
date: Mon, 25 Nov 2024 19:25:16 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 18:45:18 GMT
cache-control: max-age=31536000
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 84187
x-amz-meta-git_commit: 903bc3c
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET e8dcde6c-7838-41be-90ad-1ff028aa7c3d
https://democratherald.com/ Frame 0
0

GET 798236e2-3f05-4b7c-8c56-f6f51d0c6bfd
https://democratherald.com/ Frame 0
0

GET
H2 200 /
cmp.osano.com/ Frame D8A1 0
0 218ms
52ms Document
text/html 2600:9000:223c:9c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:9c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://democratherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 74849
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Mon, 25 Nov 2024 03:14:11 GMT
etag: W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified: Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding Origin
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id: OFbreFaqmvLjW1-Km0laDQRic-Q5-4IiYRZH4qCVUJfbGuwFTWHxow==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 101 KB
26 KB 220ms
206ms Script
application/javascript 2600:9000:223c:6600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

48af5d9ed16d117848118b9945ee5383025d8c9d0e1437037267f54a5f8bb5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
x-amz-version-id: IyWvuliR.6Rhu.7zxAgG9pUuvcL02h36
etag: W/"9e767e1f14dbe8559610a67f76ae4cd2"
age: 70090
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: wMLHRCKIOlntzVdFoY4-81opvPZ93UlpemRRMj3dvVIxqo4YA1BZhg==
date: Mon, 25 Nov 2024 04:33:30 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Mon, 11 Nov 2024 20:14:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 35 KB
11 KB 92ms
78ms XHR
application/json 18.66.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.102.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-13.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://democratherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: *
content-encoding: br
x-amz-version-id: mVYwpPsTzIiqf2FWin1SKEJXfGsRcTw.
etag: W/"fb63007425642594f63868fb87ab3810"
age: 66999
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3RD-VHShSo1EdbwxoxMmpKi-Ma6x-fxBobMCwMSRUw3TIw1bBjyGzA==
date: Mon, 25 Nov 2024 05:25:02 GMT
content-type: application/json
vary: accept-encoding
last-modified: Mon, 11 Nov 2024 20:14:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 411ms
349ms Preflight 18.66.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.102.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-13.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://democratherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 26 Nov 2024 00:01:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id: ahf-HGcF6eLwD-v0wYEodvMpwzeH7wgk1BIqIpn0NNEVOBd7bGm3Wg==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 67ms
62ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 12111
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 20:39:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 25 Nov 2024 20:39:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET cdc34fea-fcfd-44b0-b0d7-2e2ccd1fdb10
https://democratherald.com/ Frame 0
0

GET
H2 200 /
democratherald.com/tncms/csrf/token/ 0
0 155ms
155ms Fetch
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://democratherald.com/tncms/csrf/token/

Requested by

Host: democratherald.com
URL: https://democratherald.com/shared-content/art/tncms/api/csrf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.us-midwest-1.vip.tn-cloud.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
age: 0
x-content-type-options: nosniff
date: Tue, 26 Nov 2024 00:01:40 GMT
content-type: text/html; charset=UTF-8
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-frame-options: SAMEORIGIN
x-vcache: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.83.2; app13; 0.01s; 1.9M
content-security-policy: upgrade-insecure-requests
cache-control: private, no-cache, no-store, max-age=0
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 20
x-xss-protection: 1; mode=block

GET
H2 200 6741f03316372.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/6/8c/68c8c49b-be12-506a-83dd-e6be2a4c0da0/ 18 KB
18 KB 173ms
172ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe17c1f02efc0de30224c7a71b1904829c78d327013e5a284a4665de3ea90d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "e91a53db028d37be885156f85e3d8ba8"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 13:24:40 GMT
cf-polished: origSize=19185, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:40 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 15:09:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859af4b95544f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
77 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44f86854c2ec06635a869bb2adbb3435a21e6f2582020b3f299571b0fab95a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 00:01:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78360
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
86 KB 61ms
60ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

812de29068946e1d1dbb2258e8a8008a2b7f290f6be48a646276f9fc486b447f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 00:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88053
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 402 KB
130 KB 77ms
77ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X3VDDNG4PY&l=dataLayer&cx=c&gtm=45He4bk0v6749731za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

44e01e3e7732107a1d179e2c29a44c12ab71ee87f009eda4fde152e1d595e59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 00:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132717
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 674415f3dee4b.preview.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/06/40678094-529b-507a-a232-6f77378c93a1/ 43 KB
43 KB 270ms
220ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/4/06/40678094-529b-507a-a232-6f77378c93a1/674415f3dee4b.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "67e4b45a9c404495aa016afd469da8c3"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 16:12:37 GMT
cf-polished: origFmt=png, origSize=76405
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: image/webp
content-disposition: inline; filename="674415f3dee4b.webp"
vary: Accept
last-modified: Mon, 25 Nov 2024 06:15:16 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859af87c8944f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6742c1ee5e449.preview.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/b/6c/b6c1d006-795f-57b2-8d22-dbce17fe56cf/ 43 KB
43 KB 267ms
218ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/b/6c/b6c1d006-795f-57b2-8d22-dbce17fe56cf/6742c1ee5e449.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "087df672513fb5d79a4ec83c3bdf641e"
cf-cache-status: HIT
expires: Mon, 24 Nov 2025 10:16:34 GMT
cf-polished: origFmt=png, origSize=76405
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: image/webp
content-disposition: inline; filename="6742c1ee5e449.webp"
vary: Accept
last-modified: Sun, 24 Nov 2024 06:04:30 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859af87c8b44f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 67425f63ed4a0.image.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/9/e2/9e233681-7115-5f11-b06f-a9217420320f/ 14 KB
14 KB 274ms
225ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/9/e2/9e233681-7115-5f11-b06f-a9217420320f/67425f63ed4a0.image.jpg?resize=400%2C225

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29cad45fb9472085128f735df454b548fdd94bb2d5410d2b8aea5e5d6699b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "84a5e0dd4b5f0c78c9bed4541f5b35d5"
cf-cache-status: HIT
expires: Sun, 23 Nov 2025 23:22:04 GMT
cf-polished: origSize=15186, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 23:04:04 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859af87c8c44f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 67416fae03d94.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/3/78/378a041d-2ab9-5eed-8660-9dacca27a82f/ 16 KB
16 KB 755ms
706ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/3/78/378a041d-2ab9-5eed-8660-9dacca27a82f/67416fae03d94.preview.jpg?crop=640%2C360%2C0%2C33&resize=400%2C225&order=crop%2Cresize

Requested by

Host: democratherald.com
URL: https://democratherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5787e990b7e62b8de95f3888cf2d3d644d606d564ae54fba9c01caf5dd2636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "a2424974f28b2812697d44af6641bead"
cf-cache-status: HIT
expires: Sun, 23 Nov 2025 15:30:45 GMT
cf-polished: origSize=17391, status=webp_bigger
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 06:01:18 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859af87c8d44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16556
server: cloudflare

GET 25c1ae18-a97b-4748-aa13-4011c94c73de
https://democratherald.com/ Frame 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
104 KB 57ms
55ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6c2aeb48b5f818c3a7aec2002d9ab780d997da7615e5f1c3cd5596feef8b9ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 00:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:01:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106499
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 /
democratherald.com/tncms/tracking/business/block/ 0
153 B 336ms
335ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/tncms/tracking/business/block/?i=995e00fb-158e-58ac-94bc-d2dedc209626,dc14fbe9-f1dc-5fb3-b2ac-df1ea6ee02fb,dfaaf75a-7ccc-5d53-b11b-4bb74009ef2a,
Requested by: Host: democratherald.com
URL: https://democratherald.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: MISS
cache-control: s-maxage=0, private, no-cache
content-length: 0
real-hostname: democratherald.com
date: Tue, 26 Nov 2024 00:01:42 GMT
age: 0
content-type: application/octet-stream

GET
H2 200 icon.ico
democratherald.com/content/tncms/site/ 1 KB
2 KB 284ms
284ms Other
image/x-icon 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://democratherald.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 8c3bb297e9cc36c7653352198db7e81eaef176567954ca83b1a5fbe3fe1bd35e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-vcache: HIT
cache-control: public, max-age=43200
etag: "4a8f0594-57e"
age: 35976
accept-ranges: bytes
content-length: 1406
date: Mon, 25 Nov 2024 14:02:05 GMT
last-modified: Fri, 21 Aug 2009 20:37:40 GMT
content-type: image/x-icon

GET
H2 200 65bbbf047b9a3.preview.jpg
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/1e/21e908b0-c117-11ee-8e2e-6ff56ed6817f/ 10 KB
10 KB 149ms
149ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/2/1e/21e908b0-c117-11ee-8e2e-6ff56ed6817f/65bbbf047b9a3.preview.jpg?crop=356%2C200%2C22%2C0&resize=356%2C200&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54f715edf9249bf772aff639099ea986b918174090c7974ec35accb8b3ec9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "d56915123b9d111a0ee16b4936f8e40e"
cf-cache-status: HIT
expires: Sat, 15 Nov 2025 00:14:09 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=12345
date: Tue, 26 Nov 2024 00:01:42 GMT
content-type: image/webp
content-disposition: inline; filename="65bbbf047b9a3.webp"
vary: Accept
last-modified: Thu, 01 Feb 2024 15:55:48 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859afe694844f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9938
server: cloudflare

GET
H2 200 6487feff4f2f9.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/e/50/e509c317-4364-56c1-b985-05d4c99b87ad/ 19 KB
20 KB 158ms
158ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/e/50/e509c317-4364-56c1-b985-05d4c99b87ad/6487feff4f2f9.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "33b7f50928cb8e64bf3cd86d626581f6"
cf-cache-status: HIT
expires: Mon, 10 Nov 2025 06:29:44 GMT
cf-polished: origFmt=png, origSize=23331
date: Tue, 26 Nov 2024 00:01:42 GMT
content-type: image/webp
content-disposition: inline; filename="6487feff4f2f9.webp"
vary: Accept
last-modified: Tue, 13 Jun 2023 05:30:39 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859afe694944f2-TXL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 64c0abe3e21ed.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/29/f296f229-a311-5b92-ad0e-24c7fe62a927/ 15 KB
15 KB 159ms
158ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/29/f296f229-a311-5b92-ad0e-24c7fe62a927/64c0abe3e21ed.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "890ca208d27e479ae4133d55f8323302"
cf-cache-status: HIT
expires: Thu, 20 Nov 2025 03:24:47 GMT
cf-polished: origFmt=png, origSize=18483
date: Tue, 26 Nov 2024 00:01:42 GMT
content-type: image/webp
content-disposition: inline; filename="64c0abe3e21ed.webp"
vary: Accept
last-modified: Wed, 26 Jul 2023 05:15:16 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859afe694b44f2-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15462
server: cloudflare

GET
H2 200 6581352736a6f.image.png
bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/75/f755d9fe-8904-5d66-ab3e-79272d0f6d05/ 82 KB
82 KB 252ms
251ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/democratherald.com/content/tncms/assets/v3/editorial/f/75/f755d9fe-8904-5d66-ab3e-79272d0f6d05/6581352736a6f.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://democratherald.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "0c82c2a272254f2268ceb9e8b4968356"
cf-cache-status: HIT
expires: Tue, 25 Nov 2025 20:43:28 GMT
cf-polished: origFmt=png, origSize=109875
date: Tue, 26 Nov 2024 00:01:42 GMT
content-type: image/webp
content-disposition: inline; filename="6581352736a6f.webp"
vary: Accept
last-modified: Tue, 19 Dec 2023 06:16:08 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8e859afe694c44f2-TXL
access-control-allow-origin: *
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: democratherald.com
URL: blob:https://democratherald.com/cc6e41c7-7ec1-4b78-ad33-ec1b372ee47e

Domain: democratherald.com
URL: blob:https://democratherald.com/e8dcde6c-7838-41be-90ad-1ff028aa7c3d

Domain: democratherald.com
URL: blob:https://democratherald.com/798236e2-3f05-4b7c-8c56-f6f51d0c6bfd

Domain: democratherald.com
URL: blob:https://democratherald.com/cdc34fea-fcfd-44b0-b0d7-2e2ccd1fdb10

Domain: democratherald.com
URL: blob:https://democratherald.com/25c1ae18-a97b-4748-aa13-4011c94c73de

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.democratherald.com/	1969-12-31 23:59:59	Name: tncms_csrf_token Value: 8243319bffa3affc461777ec56baa9423f9df28628fc6cde9ead5e4254b49193.1606e9e5938c4ce99fb1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cmp.osano.com
democratherald.com
securepubads.g.doubleclick.net
tagan.adlightning.com
www.googletagmanager.com
www.gstatic.com
democratherald.com
104.16.133.24
108.138.3.93
142.250.184.200
142.250.186.131
142.250.186.34
18.245.31.96
18.66.102.13
192.104.182.209
2600:9000:223c:6600:3:b7e:8940:93a1
2600:9000:223c:9c00:3:b7e:8940:93a1
2a00:1450:4001:81d::2008
2a00:1450:4001:827::2002
03df57a5603209dbaa243fc27aea0a73b23f2980e4a004a8ad5bddcca4c0e003
0d015a6cc63d97284bdd10ccc09724e6546422550aedc5cba5baa1a04b6b5450
0f62065769ce7d8df88cc0d6357889ac8b8aef08d565d2773cfaf2a10e45c129
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1e261ff61b0624a4783206506ab40da86438cb9f8ed09877a4420ddbe590e18f
22df440276ff65997f69631be302f9a7f9385225b82a5b2ad1ae1818ba7cb019
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2f9e603a7a7572daf41ab396339500cc3c3f39ab3dde66d945df667cbe20e75c
3386bb5a79ff2284d6557313c0ddd06b0a64b9bfb6daf9631aaf6d2343d219cd
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
4381a77f9636bc0d0e9c711acb7bc87f4bf48a712885eec824fbb4ca59c90739
44e01e3e7732107a1d179e2c29a44c12ab71ee87f009eda4fde152e1d595e59c
44f86854c2ec06635a869bb2adbb3435a21e6f2582020b3f299571b0fab95a5b
48af5d9ed16d117848118b9945ee5383025d8c9d0e1437037267f54a5f8bb5c8
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
53286b733d0c283d0e640ff9a320b1a396b56aa761332b7ff00df526bdccc889
5489928449a9e413eed5cd6385d4e6645d32f38e7a3acdd1099e8fb1802953dc
55adc8a12655c689528669a2122b3e45302e6685bf44b97ddf75e90b3f0d69aa
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
5b8029ff77e78b7d7e169d7601cc15dda745f4a2aa25fbec490e502d01d01900
643cbd7853a7f813c34d88c6df4c5d4701d1c09902d0cc14c783588e2556ada3
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
65cbe1f4d862c64cd5e8ff90ecc770b0c3f3f5d23bc8be40a0d2bd671617ece8
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6a69ed6943a64cbfd0dec355b1391b12027d8bfc527d655608d1f02b653d8695
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6c2aeb48b5f818c3a7aec2002d9ab780d997da7615e5f1c3cd5596feef8b9ca0
73b15066725de3da8098914129385cd56c859995bff9afa3389d9f1e2d154b92
74d15ee53e91b5f294115b9067074bfac984c9bf85db7dc65eefcc9a2a29adf5
7626999cc4d0fae2d315ea204bb13ca262a805f6368caaac2c6487ef966601dc
79b1e96bbcd2b88631c02da8bed54be51ec02acea151393098cb2d591b60ea6c
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
7fae96a781afa3d6d7994f7a11448be56362d5554cbef0e36af541cf8407660e
812de29068946e1d1dbb2258e8a8008a2b7f290f6be48a646276f9fc486b447f
8c3bb297e9cc36c7653352198db7e81eaef176567954ca83b1a5fbe3fe1bd35e
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a99245df61a2a7eb3b0e69dee8ec6c5f1f33d51f2e58b24ec67ffff2929b4a3a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b93740066fadbde00a03ff560765bd25b8e9ca74f7774a4633f61ce44b332991
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
b9611b3effeae4872a95f3a4620e5be2b35b5c61af16a3d0ae9a197f1d877b74
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bfe17c1f02efc0de30224c7a71b1904829c78d327013e5a284a4665de3ea90d8
c54f715edf9249bf772aff639099ea986b918174090c7974ec35accb8b3ec9f0
ca5787e990b7e62b8de95f3888cf2d3d644d606d564ae54fba9c01caf5dd2636
cae430a258ffde47a171258a1656d9c05d184bb95be9a89e331c6e6a50276117
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d29cad45fb9472085128f735df454b548fdd94bb2d5410d2b8aea5e5d6699b44
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
dfd26d508c362a971b9f13f4b7873b14632e32415ed57a299cfd93daa4c491d2
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f137312b1d4bdc91f95cf45b49598ea4a652a4569a623ea5bc4a1ff26b49c2
f05ac507749c8d65ccee77419998cce6393f3e4ac561d4ddcb339a5ae69ff71d
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

democratherald.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

94 %HTTPS

33 %IPv6

8 Domains

8 Subdomains

13 IPs

3 Countries

2130 kBTransfer

6044 kBSize

1 Cookies

18 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

democratherald.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

94 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

13
IPs

3
Countries

2130 kB
Transfer

6044 kB
Size

1
Cookies

80 HTTP transactions
1 data transactions