urlscan.io logo urlscan.io
SecurityTrails logo

www.heralddemocrat.com Open in urlscan Pro
74.84.144.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107//
Effective URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 12 domains to perform 95 HTTP transactions. The main IP is 74.84.144.198, located in Ashburn, United States and belongs to HOPONE-GLOBAL, US. The main domain is www.heralddemocrat.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 30th 2024. Valid for: 8 months.
This is the only time www.heralddemocrat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    74.84.144.198 (Ashburn, United States)

ASN14361 (HOPONE-GLOBAL, US)
www.heralddemocrat.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.35.58.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-32.fra60.r.cloudfront.net
cdn-gateflipp.flippback.com
2    207.228.225.157 (Ashburn, United States)

ASN14361 (HOPONE-GLOBAL, US)
analytics.cherryroad.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2400:52e0:1e00::1079:1 (Germany)

ASN60068 (CDN77 _, GB)
api.maxaccess.io
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.147.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-37.fra60.r.cloudfront.net
p.flipp.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com
3    172.67.155.203 (United States)

ASN13335 (CLOUDFLARENET, US)
maworkerapi.maxaccess.io
26    2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)
scripts-cdn.maxaccess.io
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700:3036::6815:50f7 (United States)

ASN13335 (CLOUDFLARENET, US)
apib.maxaccess.io
3    2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 _, GB)
tb-cdn.maxaccess.io
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
34 maxaccess.io
api.maxaccess.io — Cisco Umbrella Rank: 89964
maworkerapi.maxaccess.io — Cisco Umbrella Rank: 91703
scripts-cdn.maxaccess.io — Cisco Umbrella Rank: 119336
apib.maxaccess.io — Cisco Umbrella Rank: 308040
tb-cdn.maxaccess.io — Cisco Umbrella Rank: 119903
288 KB
32 heralddemocrat.com
www.heralddemocrat.com
625 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
233 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
182 KB
2 cherryroad.com
analytics.cherryroad.com — Cisco Umbrella Rank: 983194
2 KB
2 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 11479
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
98 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 11472
1 gstatic.com
fonts.gstatic.com
32 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
90 KB
95 12
Domain Requested by
32 www.heralddemocrat.com 1 redirects www.heralddemocrat.com
26 scripts-cdn.maxaccess.io www.heralddemocrat.com
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.heralddemocrat.com
pagead2.googlesyndication.com
3 tb-cdn.maxaccess.io api.maxaccess.io
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 maworkerapi.maxaccess.io api.maxaccess.io
2 securepubads.g.doubleclick.net www.heralddemocrat.com
securepubads.g.doubleclick.net
2 analytics.cherryroad.com www.heralddemocrat.com
analytics.cherryroad.com
2 cdn-gateflipp.flippback.com www.heralddemocrat.com
2 fonts.googleapis.com www.heralddemocrat.com
client
1 apib.maxaccess.io api.maxaccess.io
1 eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 idsync.rlcdn.com www.heralddemocrat.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 fonts.gstatic.com fonts.googleapis.com
1 api.maxaccess.io www.heralddemocrat.com
1 www.googletagmanager.com www.heralddemocrat.com
95 18
Subject Issuer Validity Valid
agjournalonline.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-01-12		 8 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
flippback.com
Amazon RSA 2048 M02		 2024-08-18 -
2025-09-16		 a year crt.sh
*.cherryroad.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-10 -
2024-11-06		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
api.maxaccess.io
R11		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
flipp.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
maxaccess.io
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh
scripts-cdn.maxaccess.io
R10		 2024-08-24 -
2024-11-22		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tb-cdn.maxaccess.io
R11		 2024-08-24 -
2024-11-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Frame ID: 71F283C2925E49DE6B7B42EE731F7A42
Requests: 83 HTTP requests in this frame

Frame: https://eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDC789B2CDD9A671EDA525504539336C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssAtPkyRYBXqQdj-pb-v8bRXBz3PowkHE81ZXldtyrSCp5OTl-WRb9bMWXvfn8v2BlxXBA-_eHV_EQgUtqANYwCmFVDdBKKj-gXteot69EsswpL7kVecrfVytjG_WYSBNeZGFFsz9avJdeB2-8CnGFDyRtnR_YEw-X5LG9wJWtT8obj995g-AvmMVkyB2xOTXgB7NUdK_12E8VvlJAaQueQ0_9efCcqWDsopFvgOtyW4VKeWws6-WJ0FwekJsESHTQ649vXbdk1H1pOhQbpvpU616ePb7PivtZlIkN1ebn8t1DUzLBMa7MMv4Tt3sbt1UKg2Au9qheAoBh0k6f_pSGp2qNM74V-n8xhxT3Zq5ooBDDGVhxIvzZm541FZeK6NOxzo6sUXw&sig=Cg0ArKJSzFmZ4Affp9NTEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 26BD43BBF121954A6AE99ACABC43B5EC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D09AA10415D7E50FAFB1DE041DD4936
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found - Herald Democrat

Page URL History Show full URLs

  1. http://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107// HTTP 307
    https://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107// HTTP 301
    https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

58 %
IPv6

12
Domains

18
Subdomains

20
IPs

2
Countries

1512 kB
Transfer

3114 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107// HTTP 307
    https://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107// HTTP 301
    https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Redirect Chain
  • http://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107//
  • https://www.heralddemocrat.com//2022//10//13//entertainment/-news/-107//
  • https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
73 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
e036850c54c75d39ef007312c0270739af109ddefcbe57f8220bb4048d7907d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
connection
close
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 01:59:31 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.heralddemocrat.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
nginx
strict-transport-security
max-age=16000000; includeSubDomains; preload;
transfer-encoding
chunked
x-content-type-options
nosniff

Redirect headers

cache-control
max-age=3600
connection
close
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 01:59:31 GMT
expires
Mon, 16 Sep 2024 02:59:31 GMT
location
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
pragma
no-cache
server
nginx
strict-transport-security
max-age=16000000; includeSubDomains; preload;
transfer-encoding
chunked
x-content-type-options
nosniff
x-fastcgi-cache
BYPASS
x-redirect-by
WordPress
global.css
www.heralddemocrat.com/wp-content/uploads/sites/109/blocksy/css/ 		19 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/uploads/sites/109/blocksy/css/global.css?ver=51361
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
4922c56e3c6327e2745c06e658633fcbd828473fbfdc66f8cdd39a9182fa0d24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 13 Sep 2024 18:16:01 GMT
server
nginx
etag
"66e48161-4b3d"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
19261
expires
Thu, 31 Dec 2037 23:55:55 GMT
wsp-front-preloader.css
www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/css/ 		546 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/css/wsp-front-preloader.css?ver=1.15.2
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
342a41482120c9c5dbdc32a6d962e6ec54814a4d0b6466ba132827ae655187e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 13 Sep 2024 16:24:04 GMT
server
nginx
etag
"66e46724-222"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
546
expires
Thu, 31 Dec 2037 23:55:55 GMT
wsp-smart-preload-style.css
www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/css/ 		12 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/css/wsp-smart-preload-style.css?ver=1.15.2
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
762eefe0f35eb617b648d3dc5c22b6e373b98ac738fdbf6dddb0fddf344b01dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 13 Sep 2024 16:24:04 GMT
server
nginx
etag
"66e46724-3045"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
12357
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.heralddemocrat.com/wp-includes/css/dist/block-library/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 30 Aug 2024 02:06:50 GMT
server
nginx
etag
"66d1293a-1b723"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
112419
expires
Thu, 31 Dec 2037 23:55:55 GMT
croad-style.css
www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/croad-style.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
7da4e91d1592e385fb96fb72f675882485fd9eb2a12a08fc8d59865a9e9a4239
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 21 Jun 2024 04:58:07 GMT
server
nginx
etag
"6675085f-1369"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
4969
expires
Thu, 31 Dec 2037 23:55:55 GMT
plans.css
www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/plans.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
6164ee10fb6499724b98e75fea2b2a11913abc2487c22a8cab39825876441ed7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 12 Mar 2024 15:57:43 GMT
server
nginx
etag
"65f07b77-2317"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
8983
expires
Thu, 31 Dec 2037 23:55:55 GMT
checkout.css
www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/ 		23 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/css/checkout.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
0ef9fed5b8cfa9525555cced28bcadb4285d6c83e2fb9ff06d178d054f7bbac2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 21 Jun 2024 04:58:34 GMT
server
nginx
etag
"6675087a-5df8"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
24056
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.heralddemocrat.com/wp-content/themes/blocksy-child/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy-child/style.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
1da9d7a10b2834bd35a28a56a929fe231bdb39a564612fd3441c6df817d8a0a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Thu, 11 May 2023 17:45:59 GMT
server
nginx
etag
"645d29d7-fa4"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
4004
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.heralddemocrat.com/wp-content/themes/blocksy/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/style.css?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
9cbcfda550ddf192c70e21c1d57cc4e9a7b9937f2a1a73ed067a8bd1fd9536c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:32 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:32 GMT
server
nginx
etag
"66e0fc54-55f"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
1375
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.css
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		101 KB
102 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
12848ab44634232badfacb5c2d14f7a92c4757a39697c34e4fac187d0150619a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-193ec"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
103404
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.css
www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/premium/extensions/mega-menu/static/bundle/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/premium/extensions/mega-menu/static/bundle/main.min.css?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
72ace6e9e63c775077be571f274a862fcc3d9913e43621a4bb4c6653a9b9d67c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:15:22 GMT
server
nginx
etag
"66e0fd3a-1011"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
4113
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		2 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Albert%20Sans:wght@500;600&display=swap
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6680003a1d0db62147e52513b937e06f155f7bcc3a2e38563fa8cc547f96f833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 01:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 00:08:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 01:59:32 GMT
page-title.min.css
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
340b0576fb30f8672a3a8b464aa173d54cb1f28329d39b3a27d0ee0aa6e1db69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-551"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
1361
expires
Thu, 31 Dec 2037 23:55:55 GMT
stackable.min.css
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		346 B
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/stackable.min.css?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
f87767aa5d828116087b0e4c504f7cc7903d9b032572b2d2cd585301ccf03afc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-15a"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
346
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpforms.min.css
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/wpforms.min.css?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
f561b0ce92b0ef732c3b4a2ed775a156db5c2ac04843c39a069b196cdd57d6d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-79d"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
1949
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.heralddemocrat.com/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Thu, 11 Jan 2024 02:59:19 GMT
server
nginx
etag
"659f5987-15601"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
87553
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.heralddemocrat.com/wp-includes/js/jquery/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 18 Aug 2023 02:57:13 GMT
server
nginx
etag
"64dede09-3509"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
13577
expires
Thu, 31 Dec 2037 23:55:55 GMT
wsp-main-script.js
www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/wp-smart-preloader/assets/js/wsp-main-script.js?ver=1.15.2
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
2fd918dff436fa938f8cc0de7fd3b89afe5c78df720658d54233099a9aded3cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 13 Sep 2024 16:24:04 GMT
server
nginx
etag
"66e46724-c13"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
3091
expires
Thu, 31 Dec 2037 23:55:55 GMT
croad-auth.js
www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/js/croad-auth.js?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
4a616448e18a137dd26b1297bc5cbf93a26dce6bff1993bc7f1b9351a45af9fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 11 Jun 2024 04:46:31 GMT
server
nginx
etag
"6667d6a7-cf8"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
3320
expires
Thu, 31 Dec 2037 23:55:55 GMT
checkout.js
www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cherryroad-media-paywall/public/assets/js/checkout.js?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
6e212282ea85debb0036d1829094614d25044655149499710e57365b78a8aa61
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 28 May 2024 18:55:44 GMT
server
nginx
etag
"665628b0-4653"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
18003
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8Y10R17R20
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
885543b46bfe1fa326e9c69c7e659dc2b3224e6f4751a4c389db1f81c17201af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91480
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 01:59:34 GMT
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201256590
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-32.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
e2d949342e41fbc250d2e6505c28f0f5ca9ce0bd5c74bd202ac1c456cac065c8

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
gzip
via
1.1 13c8b9a0a39ad1238a922185ad5547fc.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P10
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
4
x-amz-cf-id
45Li0NEwvpnIWqxt1TVxGQMHSY_SAG-61_zBvtRNZt1IDuINkAGjEQ==
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201256591
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-32.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
e2d949342e41fbc250d2e6505c28f0f5ca9ce0bd5c74bd202ac1c456cac065c8

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
gzip
via
1.1 13c8b9a0a39ad1238a922185ad5547fc.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P10
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
3
x-amz-cf-id
KHiJO8yS6TaNU0Fpwn0mrcFpmZWV6H4ZnqvaECQ_ES3m7MzDBMLOFA==
plausible.js
analytics.cherryroad.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.cherryroad.com/js/plausible.js
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.228.225.157 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 01:59:34 GMT
x-content-type-options
nosniff
Server
nginx
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
1346
Herald-Democrat-2048x273.jpg
www.heralddemocrat.com/wp-content/uploads/sites/109/2023/09/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heralddemocrat.com/wp-content/uploads/sites/109/2023/09/Herald-Democrat-2048x273.jpg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
850c6e0d5906fa6f52c6a562884cca45e6570b2d0abd55d86dd2f5b8815fcef5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 06 Sep 2023 13:29:17 GMT
server
nginx
etag
"64f87ead-b6b4"
content-type
image/jpeg
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
46772
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9b990b6fa6925bb08e5c192f93156c1fddaa84c014eba26a40f7b8eb053362b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32564
x-xss-protection
0
server
cafe
etag
613 / 19982 / 31087006 / config-hash: 6381089854016581128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 01:59:33 GMT
jquery.clicker.js
www.heralddemocrat.com/wp-content/plugins/adrotate/library/ 		373 B
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/adrotate/library/jquery.clicker.js
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 09 Sep 2024 13:22:38 GMT
server
nginx
etag
"66def69e-175"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
373
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
3ca8950cd767ead3a700e3c568e9350fad0f6653565d13418140ca5408c38ea1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-81e2"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
33250
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.js?ver=2.0.66
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
9c04ae62036bd323c78d2357d2446e3cef0e115bff1f8217808d81cf126b6511
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:15:21 GMT
server
nginx
etag
"66e0fd39-1567"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
5479
expires
Thu, 31 Dec 2037 23:55:55 GMT
cr_dep_best_of_widget.js
www.heralddemocrat.com/wp-content/plugins/cr-dep-best-of-wp-plugin//scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cr-dep-best-of-wp-plugin//scripts/cr_dep_best_of_widget.js?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
e13491499f5b076127246b7d73d8a4e086307134f138d0bf66655bd26eacc7a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 03 Apr 2023 14:16:34 GMT
server
nginx
etag
"642adfc2-4eb"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
1259
expires
Thu, 31 Dec 2037 23:55:55 GMT
cr_dep_contests_and_sharing_widget.js
www.heralddemocrat.com/wp-content/plugins/cr-dep-contests-and-sharing-wp-plugin//scripts/ 		915 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/cr-dep-contests-and-sharing-wp-plugin//scripts/cr_dep_contests_and_sharing_widget.js?ver=6.6.1
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
413b625283ac8d78c57b6fa93c1a0fc87e33e4e543691a73e8150af4d849a9a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 13 Feb 2024 15:46:23 GMT
server
nginx
etag
"65cb8ecf-393"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
915
expires
Thu, 31 Dec 2037 23:55:55 GMT
qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
api.maxaccess.io/scripts/toolbar/ 		801 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
bd9a74c61bb542366a8b3a959447594562a99b1d53297585e376515ac8ec1aec

Request headers

Referer
https://www.heralddemocrat.com/
Origin
https://www.heralddemocrat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
G0DJAP97PQ05E8B2
x-amz-server-side-encryption
AES256
cdn-cachedat
09/16/2024 00:20:32
cdn-pullzone
1640439
x-amz-id-2
1L1g4j3nLh4c6EQqEvy/5Jg7jYErfmZECmsTb/Zq959zejjcwsxOLLHnbjyp58GQazrUvrrMqrM=
last-modified
Fri, 13 Sep 2024 20:52:32 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3e4f61de60585ecf8a90856a628c2120"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-requestid
336a4a854f44c0a55f38750d9da5ac60
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i7dOIFdwYjGaAMFtZd_QA1ZbYFc.woff2
fonts.gstatic.com/s/albertsans/v1/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/albertsans/v1/i7dOIFdwYjGaAMFtZd_QA1ZbYFc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Albert%20Sans:wght@500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7372b629e997f9980d46c4dea3a384f8d1c9f2fcb21ad395711d14f80fda8c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heralddemocrat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 12:15:41 GMT
x-content-type-options
nosniff
age
481433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32208
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:26:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 12:15:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/ 		480 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d72bb9bb78332c65fa76e41498792ef6a1b87f65fdd702e39758d6501d57a45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 14:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
41716
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153463
x-xss-protection
0
server
cafe
etag
8412016981113913088
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Sep 2025 14:24:18 GMT
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201256591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-37.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P4
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.heralddemocrat.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
pBPb5UdJGDTKmPEmIhEaL91nfIx8Ccq4d2s8tKKiIsjw3GN0UuhBjA==
712559.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712559.gif?partner_uid=61190547-86f2-46f2-a48f-9986863e3996
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8Y10R17R20&gtm=45je4990v9112395372za200&_p=1726451973871&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1226174900.1726451974&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1726451974&sct=1&seg=0&dl=https%3A%2F%2Fwww.heralddemocrat.com%2F2022%2F10%2F13%2Fentertainment%2F-news%2F-107%2F&dt=Page%20not%20found%20-%20Herald%20Democrat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4168
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Y10R17R20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 01:59:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heralddemocrat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		71 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2983694753227062&correlator=3955416180749802&eid=31079957%2C31086814%2C31087006&output=ldjh&gdfp_req=1&vrg=202409110101&ptt=17&impl=fifs&iu_parts=22655122517%2Cheralddem_ros_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C970x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1726451974211&lmt=1726451974&adxs=640&adys=1005&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heralddemocrat.com%2F2022%2F10%2F13%2Fentertainment%2F-news%2F-107%2F&vis=1&psz=320x50&msz=320x50&fws=4&ohw=320&td=1&egid=965&tan=908f166a-d625-4ad1-b9f4-0b5d02c59857&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726451972279&idt=1910&adks=1414856592&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8876848363abe59b8e584bc50463d111e858b778e100fb96e94224598a2fd858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26519
x-xss-protection
0
google-lineitem-id
6328353072
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138436677369
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heralddemocrat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 01:59:34 GMT
expires
Mon, 16 Sep 2024 01:59:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
maworkerapi.maxaccess.io/api/stats/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maworkerapi.maxaccess.io/api/stats/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8?domain=www.heralddemocrat.com&pro=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heralddemocrat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8c3d42087ab217ad-EWR
content-length
26
content-type
text/plain; charset=utf-8
date
Mon, 16 Sep 2024 01:59:34 GMT
etag
W/"1a-XYL/gxIJHtnRkms0WFZnrj+mxPo"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmTVCrGxpWF1YMro18O0HGXLWuV3RlMw7x1s4jmcAFleed0i8OhLkCLB8huokL3a5%2FuflpEFGnFKovkxst9pnKzl%2Bc1pYlYRNb1l4eKDbJBptNXW10H7Kwm1UVhftAqiDGyzf2kcIRlRrsA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express
css
fonts.googleapis.com/ 		3 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans|PT+Serif
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d08e23dada04fc175fd186e20a2e08465b44b0162f1faed065cda8989a871859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 01:59:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 01:59:34 GMT
qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
maworkerapi.maxaccess.io/api/stats/ 		74 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maworkerapi.maxaccess.io/api/stats/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8?domain=www.heralddemocrat.com&pro=true
Requested by
Host: api.maxaccess.io
URL: https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4e3029b0c0a6d9dee17f136571e949dec2f26852128a8e218aa5eb711fbb3734

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"4a-y8GGA62tNO8nUJ+bGHv8NPwld2c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZZ7IVvKrWZeGBLlbyIyDXBgc1aFDSZcGlw2hqhbuo9M9Hu%2Bjam9Udm5huHzWvRmpzGEojwalNiRug4s%2Fqn456et%2FM8AgEzzwe1tyPSAfdJvFBtoxva9zFsge1%2BsW4c7Mo8Al7li01i1ZrY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public,max-age=86400
cf-ray
8c3d4209cbf017ad-EWR
access-control-allow-headers
*
ae.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		262 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/ae.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
09943e355944d6870f74093d858503de204f02ca78f70122a5a7d74897134b6d

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
ZJZ1V3FR9JTBSVY3
cdn-cachedat
03/26/2024 21:01:58
cdn-pullzone
1649454
x-amz-id-2
NfTUvoKaghh/+9ttH3pzfGDaVNQY2tTPd9BZ3Qi2/77DvFkaNejTxXqmQArz9JkNMDdQyZ2Foz0=
last-modified
Mon, 28 Jun 2021 17:45:03 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"7847726d0663899a3e31b3e21b6d2b68"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
252e5291af66cc33daf1a7b54f09e9a0
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cn.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/cn.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
ab9a2dc6b1aaeaa7017b96904b7a760517ac9e57ee589ee6dd1238c7754bd8f6

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
A22FC44R1DAK8GEG
cdn-cachedat
06/16/2024 15:48:23
cdn-pullzone
1649454
x-amz-id-2
laqqTq3xgZVvE7hcvNI/0pJuPeCdWsnSp9yaIRKitLGrBURlkbRSJnpBgBvjBjtJ2aZDwGT+BQI=
last-modified
Mon, 28 Jun 2021 17:45:01 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a94c93941a4d8907fc2be5a61841c2b9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
278d4020edf2fd09e518b8d971629a7c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dk.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		235 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/dk.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
feeb27682ce93b2e5fe14a32a67aa7141f505725daf8b6018864b0bbec103469

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
B5VHPXS04EJHV7JM
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
CxEghStDVhKXlqLhMJiWlJti279PWU15nOQY7tqZuz0drsdm1foGFb0H7HqMBUdRcYpvoseBcJQ=
last-modified
Mon, 28 Jun 2021 17:44:41 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d046fb5b6363db6e655b3c1011c6f779"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
9ceb6e01aff9e711f9d252e5278601a9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
nl.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		228 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/nl.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
426beba2bc0a7ae4079c8586509f6902dc9a6082f4a0ec7c71520572ac3f86c2

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
B5VHX05HHVJ57AA4
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
8TnWXBXOBteDRsB4LwJ+UoxbMBs+gU7yqPnzidrJvrGmw2pa0u4W5V4rPH6FqEH8/qe1xIqHYWY=
last-modified
Mon, 28 Jun 2021 17:42:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"390aa40fd896fda40718cf28e5b20ba5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
af4a5987c9255d3f6b55886cc1620e40
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
au.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/au.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
dfc984d3a89cfdcaf4417482af869ee04c6d0399aa2905c7d3b5d09d5af4aa5a

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
B5VJE6AKSABVPP9K
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
BTFErlzMblaiF4DoEZ+89zBzm7+8yUq/m08hfZm1sVBWi49stwidUt4DiSoGkkPOH1Hm17FptPw=
last-modified
Mon, 28 Jun 2021 17:45:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9b18ee0449e1b5cd1c783fda310eed4f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
8c05d79244a46c79a6e26c053db39127
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gb.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		541 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/gb.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
6ce6ebb0c16f1f4aa74a78a5db382783545d1ca28f2b6133b6228b4dff0340f0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
B5VW6F1HWHKGQEWB
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
LwENHHaM8v+hGHtBNfwxpXZ+cpAtZQuNuR2zzjXE+AYm8Yjy1ue0R9uRrL1LAx+uWh6tZxGidXI=
last-modified
Mon, 28 Jun 2021 17:44:30 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"5db9fea0ec9e05cfb98e7387be5d0aa7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
40245fa1f097650c6a61b39ca7bc2ab9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
in.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/in.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
dd68b8ac425f8b0e1a479337e4fb6e8c647241f5042e63ba4cd9853e5e3b661b

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
B5VQS844VCFMS9CE
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
JL9TjYZ83V0Aaus4A94DFXrXI2rnIHL3KTmNQ5nNXHaeqwAaDZiSvoXaQ9EFxqW//iba+oISHNw=
last-modified
Mon, 28 Jun 2021 17:43:08 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"209ae8e9585774eb4fe32c001f7c63cc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
3ac39ec5145031abc6332e3f0307366d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
us.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/us.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
c4ffd0455cf50bc1683646dc77e7263d81cffad51f36d3c39b85a9848fb5a196

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
B5VQBYNP38WZXKH6
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
2+dcc7RaL93j2+MOG4YQBPuToTUMt/DDNp8NhouPCTPL/yHUGaPMECpIjLM23QL9Mj3Ca43vp7Q=
last-modified
Mon, 28 Jun 2021 17:42:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"8ec583188aba7e9426580350312d97a5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
b841fd7094f1410a4882f4cde30bfba7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fr.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		292 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/fr.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5d247ee39647a05667b52e04510b76ae465c009da242ff8d98637d138ea410ff

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
B5VX03J83410RMFC
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
66m+DWmDkMtajixBpZN0Ej0nh9di8niQztth6sp84DNxK1WAWHcKKUMReGDTatFBeWBfw2iR5yU=
last-modified
Mon, 28 Jun 2021 17:44:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f8952213641bba462c7314007909d394"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
73ac5481bb2d659ba5bc5fb37a65898f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ca.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		708 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/ca.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
85ee89fa698c2efcad4817723fac44311ca520da3be63f52a10e21c3f65e8fad

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
3A99MER8MAY9WY39
cdn-cachedat
04/26/2024 02:24:41
cdn-pullzone
1649454
x-amz-id-2
Osips08I9tk4Vt0XAobzorStXSCTlIQFCrI9a5f61frl+E2ac5yHIi8GPXKK+fvPv7uwCCWiO5M=
last-modified
Mon, 28 Jun 2021 17:44:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"8678fc67f7ebd50a5fc7c12a39ab93a2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
9530957fee69a2945a6dbd779a1e7b84
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
de.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		221 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/de.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
d7cc619b1c880981e17adba3bd44cb8addfff1d63e7cb2b4d59a88abe5ff31e0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
SAKCHGBR2ANBFF8H
cdn-cachedat
09/04/2024 11:13:23
cdn-pullzone
1649454
x-amz-id-2
x8+eOrP0ZrUFNmoTXiL4i45ZfGGFN/vqekehHkOioX0cteyurTwKUDMUtiUeOIx/j1XeUkf4E3QsUZsc7Bokknxi2uj0FMbEsCPWWim1iUA=
last-modified
Mon, 28 Jun 2021 17:44:40 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"4d7bac3b0b9ab578b009c54fecd5d06f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
d12e72da2f7a2e668556886562aea3b6
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
is.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		532 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/is.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2f1d30b23f1853e23923474b0fb9c038922af236afff111bb58d29c251f78fdb

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
B5VPK8YBFMHE3JPJ
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
n5hEQzYAAHx8jQeBETXSytC9H2n+jxGBfcTB/48DRFlqlbqD7OHBzlYnhhzgZaHIS7SV8qW2cNs=
last-modified
Mon, 28 Jun 2021 17:43:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d41b2a812ef802de9e1a104e9faee10d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
b01b211bb0efad812bc14387785fe88d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
it.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		292 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/it.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
28a4339b1dc59c4e776f6bf07f51117de9fade0a8a749492e478764b8bd8c2f2

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
ZJZEA2WVQR2XBKRX
cdn-cachedat
03/26/2024 21:01:58
cdn-pullzone
1649454
x-amz-id-2
kCi4z+gC7/fFqwRmHhREsUXKN3h+OLZ6PtThEOlhJ+oqDfDeclww9vfcd1esu4s6y/KhYPxAa04=
last-modified
Mon, 28 Jun 2021 17:43:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"22b99ae704f3de63285bc9b9411c5031"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
0034c9b7bc2ab9fdb8781de36d76f563
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
jp.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		490 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/jp.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
6a891f06b60c5a190e82bdda8f3cd41f9b6348dddc06a7624910e60a34ea314c

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
B5VQW5PE28WG2R02
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
HQ8o0Dcp3vMvF/HNuxwI+Ocud6BUBguCo+UsBEbEuCX3SvAjfTdJ8ZjV36P7xTJwhjtka5L7F5E=
last-modified
Mon, 28 Jun 2021 17:42:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"29a38a76d5729998577fcebdc3a8994d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
fc9b018500e3862f9e0acb7c50c73b3d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
kr.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/kr.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
187537637e279af49ec4726a470979363d9df711adb00ae2e638b4ebfe640c33

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
B5VSVY69F64EBCDB
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
oVDcte9J7qaT9n5LXtjR0PDAAUm2LfpR2wjaA9JmQ22ThB3zI0twfoltTy06iF9m7+4SwbolomA=
last-modified
Mon, 28 Jun 2021 17:42:52 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9a31f1e10481e962f43b91dc9ce63b02"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
cad6c62fd2aa5537912b54f82c213c9a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
no.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		321 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/no.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
567df11f5e12f95a4c707234127ad878db61c286cfdd034dbcab8c4222c4af25

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
ZJZFN0RFKX5HTSX4
cdn-cachedat
03/26/2024 21:01:58
cdn-pullzone
1649454
x-amz-id-2
694qYi/lc465siLSySBkl+6TOhEB23t+bJG0eV+c+jkX0ELweVMUXhS8tNY7WB/DKcJhNSPzUsU=
last-modified
Mon, 28 Jun 2021 17:42:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"b7a21f544f617a59abff3dac02d9101b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
291e754e13abe2a9eb27870007750545
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pl.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		222 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/pl.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
d7c4aadb69ef13492016a7b2995020f9d754d128f9354dd742c32d420c3340ad

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
XPCKPGA1MN1DPJ52
cdn-cachedat
08/04/2024 11:05:06
cdn-pullzone
1649454
x-amz-id-2
a8PdgO6ML8HVw9nOcOWothv9eI22ytcZ/HXFbn/C03PB9l5TEPRIsd3J7OTngY5i1ghYRBusq+o=
last-modified
Mon, 28 Jun 2021 17:42:31 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3fe3bd51a504e4239ca5adaeb17a1651"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
4f1111a7f290bb73334b1240df1bd7c1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
br.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/br.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
38e5114c9912eb4f5f1944b4e43eeb96791ef552d855a2f16e177ce7ce145d5e

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
EYDP48ZXVA9XEPN6
cdn-cachedat
08/30/2024 10:36:32
cdn-pullzone
1649454
x-amz-id-2
zToJ4GKfPxPeVkpzwTPv8Q5R9sOCcFwvkeSxsfyXCECsJ3R9E0oCa1NDlurPmE4qL1TUjobQDxQ=
last-modified
Mon, 28 Jun 2021 17:44:53 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ef701aba4f5dc68beb3166d7a19c8787"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
6c9fbd54ad137cebcab111b19243602f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ro.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		305 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/ro.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
da9e0ce1ebd0f466ff68500173fe067212d304b8f4594f54bd61bd3e5409c7a9

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
726RNP7FSQPH5W9N
cdn-cachedat
05/18/2024 20:57:12
cdn-pullzone
1649454
x-amz-id-2
CEVdNBY1oUbJzotkmpN9FazN//UK4IoTOWVeoAjV0hNEccqAUzRrQCRTqkK7j/bk71yQm9PJN44=
last-modified
Mon, 28 Jun 2021 17:42:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"22278e1314d8e81440639fe8d1e6061a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
3e0a5126d98b2dc121860920b1906f15
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ru.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		290 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/ru.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
bb2782a916b1a28eb081895afa90f4ed5dca5df320b9cc95f867bc2a26e29064

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
ZJZ9VTD04VSB4B7A
cdn-cachedat
03/26/2024 21:01:58
cdn-pullzone
1649454
x-amz-id-2
K+UEieg0q63K5ikdzI2wg1cxupWQfmtOGz+36b/Er3lTvruEXlAuPEWLDt61esFgrY8S6YHF6Cg=
last-modified
Mon, 28 Jun 2021 17:42:12 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"e3ee3b099783ef393f2f4dabdc75d5bc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
b04255df601abea24f6be0b11e06a1b4
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
es.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		90 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/es.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
bfe2d95adf69f339badcf901e33d12c0b6146d7d16a1100b12c3abc13dc3521c

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
HNMJHJ0BFA8Z3C9C
cdn-cachedat
07/07/2024 10:08:48
cdn-pullzone
1649454
x-amz-id-2
KGoWXg4SNOd+0oR2664mAcYIfrAfvZ+DYqA21YpeP3ZTRl94gTlKDofvlJWWBqqUpAhNysUInVo=
last-modified
Mon, 28 Jun 2021 17:44:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"afff247381e7ebe7d31b609f33eca644"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
859fc096dd81661a3115867006b8c36b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
mx.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		88 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/mx.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
b67b689c0045cb4e8a4d5a439adbbf4c471cc090cbeb7ba7b2aed0eeabdbef3e

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
B5VXJXH1M3RJ8KKV
cdn-cachedat
12/18/2023 22:10:45
cdn-pullzone
1649454
x-amz-id-2
w97ZFjWn9XrDZ3Hc6KVoWzDFe31VqNo1CBJoDHcQlPj7V8CrFTtyB2u5Owx3AKZp/P4DR8SzQnI=
last-modified
Mon, 28 Jun 2021 17:42:45 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3aa223c8cc48eba75fbb57fcc20ce7cc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
429ed6eec7b77886712e6ad1073339f9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
se.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		239 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/se.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e4880df5da3ea0b17c33b51e3bd7be5ccd92223fdece894c8aee107f43ad3393

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1079
x-amz-request-id
B5FHZJZSW1WXX241
cdn-cachedat
07/17/2024 07:23:24
cdn-pullzone
1649454
x-amz-id-2
nffl05HRvJcXL3I9bxskSLYua7s1kU+BlY07Ci7ZZ/PIIxXSY0BZHwf9HrOfsuX8IXBjlcKuC3c=
last-modified
Mon, 28 Jun 2021 17:42:15 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"92c66d8396d5604a9b8fc05153e9163e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
76b7281093bc31698533c307c7efbbd3
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
tr.svg
scripts-cdn.maxaccess.io/assets/flags/1x1/ 		575 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/flags/1x1/tr.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
74e60d09369c164cc245d49d109c78ea322a117e0fe58945c380b65a71c691ae

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
BEPAD56BYZYF0YKW
cdn-cachedat
03/31/2024 14:03:10
cdn-pullzone
1649454
x-amz-id-2
+hzfKz/QnunX5/wtop3ORQ57A0RR54FGhN6ImwbmEYKBF7XqO8eTHTBbwusxo0NlFwmQOQePUJc=
last-modified
Mon, 28 Jun 2021 17:42:04 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ce2e2e8e0650cfed7548dd59c2c184c5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
29c404b3a51ce11b5b96f22d858dfe2e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec71eac0910169551730a7706d5405cc9a3e7f996fbd7f1571f4f69d0003d1b4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
universal-access.svg
scripts-cdn.maxaccess.io/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/icons/universal-access.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
467de2817c74e4ddc78a4308d0e28a2225fbc699cda3cada0f66af4202ebb4bf

Request headers

Referer
https://www.heralddemocrat.com/
Origin
https://www.heralddemocrat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
M7JAZFC889GMNVQ0
cdn-cachedat
12/18/2023 22:08:37
cdn-pullzone
1649454
x-amz-id-2
g6HwGjAN4gMUhfK1ptWc8MI4dpDV5DbBkvGZ1I/dKxHLOcf8Y/VCSLkviio+rqApnVj9aUjyzSw=
last-modified
Wed, 17 Mar 2021 18:29:29 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"bf429b3f98f6c7cd988636f31ab3c474"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
2d6a121b8a40283e4ceaf0e6c0522e01
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
circle.svg
scripts-cdn.maxaccess.io/assets/icons/ 		410 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts-cdn.maxaccess.io/assets/icons/circle.svg
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
9636ad386a6fd6e7952cc5332a01e49b1afbc233deb5d729b49a6fa2756f50ac

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-amz-version-id
null
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
790XKPT80Y30Y4TJ
cdn-cachedat
08/22/2024 09:20:59
cdn-pullzone
1649454
x-amz-id-2
cHP50+vPOdNmT0bmq3REON1m2KpWRDjNmV4Q0bJIIWErP9lVjpgxpDVMLlPGzg/Kd9oLBPmMnJI=
last-modified
Wed, 17 Mar 2021 18:29:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a1a927f3916903b931f9cfd57071523d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
02f2fc2b41347c031977f03336239120
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
admin-ajax.php
www.heralddemocrat.com/wp-admin/ 		617 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-admin/admin-ajax.php
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.js?ver=2.0.66
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
51be0a98db8028986cf943d431281a576573c14b735ac3df43471509e43d3540
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryP3yHHoWZp0Ss9vVZ

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
transfer-encoding
chunked
connection
close
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.heralddemocrat.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 26BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssAtPkyRYBXqQdj-pb-v8bRXBz3PowkHE81ZXldtyrSCp5OTl-WRb9bMWXvfn8v2BlxXBA-_eHV_EQgUtqANYwCmFVDdBKKj-gXteot69EsswpL7kVecrfVytjG_WYSBNeZGFFsz9avJdeB2-8CnGFDyRtnR_YEw-X5LG9wJWtT8obj995g-AvmMVkyB2xOTXgB7NUdK_12E8VvlJAaQueQ0_9efCcqWDsopFvgOtyW4VKeWws6-WJ0FwekJsESHTQ649vXbdk1H1pOhQbpvpU616ePb7PivtZlIkN1ebn8t1DUzLBMa7MMv4Tt3sbt1UKg2Au9qheAoBh0k6f_pSGp2qNM74V-n8xhxT3Zq5ooBDDGVhxIvzZm541FZeK6NOxzo6sUXw&sig=Cg0ArKJSzFmZ4Affp9NTEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/ Frame 26BD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
489fdeca9d256e68e9c4ea924a5509aa8ef8036f8c12a0fde16db8f4c830105d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 14:06:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
42811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9262
x-xss-protection
0
server
cafe
etag
14810470635004434988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Sep 2024 14:06:03 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/client/ Frame 26BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 14:06:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
42811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Sep 2024 14:06:03 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 26BD 		207 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
992418da8591a4996a90951007267ea04646d24db772dd9a6d8670b7c39a9d75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
2982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65687
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 02:09:52 GMT
8043687546331039049
tpc.googlesyndication.com/simgad/ Frame 26BD 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8043687546331039049
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffaf8890e3a5a3f7d9bf96f7c7d5169dde76f09cd7364058aaef751f30b60ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Sep 2024 13:57:22 GMT
x-content-type-options
nosniff
age
475332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115206
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 19:29:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 Sep 2025 13:57:22 GMT
truncated
/ Frame 26BD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51ff266da4d6f06954aec1c94c3ebc314cf18aedc793f3d946bce2a298209dbe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
view
pagead2.googlesyndication.com/pcs/ Frame 26BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsul9jz-Ee22XKOjBcWiXmfPgumGfWSsL1uLDjJXgos4rzT5qEjSdwTNmTXg-A17a5NOCq826gTGh_6pEdzBADijCOmXvTaJJHKNQQuedqWH5jEk11jLCftLCTxWznNdodJHnEYwZGkrdxQQaw6F0Tilm-idbGMeebJ5B00NkoOUFtrPIc3KzgyJJdSQltJkOLuWAQL6431cikxl_4NU7hnje93T3NmQEZ7kuOSZUWMk93xMQ0tm3is5lxZFGE7lFdaFAlh3k_yUTKAKwCsEVg-lbj-0I5knYe0IyZQUJ8S1ZLeZ3bWcCzUg6AVY8yS9kq6vL30AIQDqkOQv_Q07qR_P6LnxpZKGY4t4hFVkiJHTL5AGwTW0tSL_nlrPiaxNQ1Hc2_TerT5E&sig=Cg0ArKJSzDNDfML8OeePEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 01:59:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.min.css
www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.min.css
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.66
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
e1afe2abb1332ec6af0bcd1713aeeb2c7e4abbbbbe8ab70bc1fa5cd98359e7d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:15:21 GMT
server
nginx
etag
"66e0fd39-92a"
content-type
text/css
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
2346
expires
Thu, 31 Dec 2037 23:55:55 GMT
event
analytics.cherryroad.com/api/ 		2 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.cherryroad.com/api/event
Requested by
Host: analytics.cherryroad.com
URL: https://analytics.cherryroad.com/js/plausible.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.228.225.157 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 16 Sep 2024 01:59:35 GMT
Server
nginx
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2
x-request-id
F_WW7KQg0x6FkWAgd0My
qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
maworkerapi.maxaccess.io/api/fetch-cache/ 		0
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maworkerapi.maxaccess.io/api/fetch-cache/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8?file=qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8-5ab3f57e27645070b0c0e13643fcde0c&bucket=https://tb-cdn.maxaccess.io/
Requested by
Host: api.maxaccess.io
URL: https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
is-custom-cache
false
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
server
cloudflare
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAdBuH%2FJQl7o2BsvCV10CIfaKCTwLfXBb18%2BhYO1iCzTZGbq8n7dEmxsf0mYqEYmo9HDgTp7RbfwoGSyoklpIjwANOymda8UEF7YNYsg0ofnBDYluktcGAF6a1SuO0Ttgvebu2x5BxuqN3c%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
is-custom-cache
cache-control
no-cache, no-store, must-revalidate
cf-ray
8c3d420c0dd617ad-EWR
access-control-allow-headers
*
expires
0
921.ea5565c86a4be1f7d88d.js
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/921.ea5565c86a4be1f7d88d.js
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.66
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-1873"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
6259
expires
Thu, 31 Dec 2037 23:55:55 GMT
68.88f643c8b4c9266a5fc7.js
www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/68.88f643c8b4c9266a5fc7.js
Requested by
Host: www.heralddemocrat.com
URL: https://www.heralddemocrat.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.66
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
08d81744a97b4660060edf8ef700c18612c8d8c4357c2978666abd7e5c150f2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 11 Sep 2024 02:11:30 GMT
server
nginx
etag
"66e0fc52-211b"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
8475
expires
Thu, 31 Dec 2037 23:55:55 GMT
queueSaveCache
apib.maxaccess.io/api/cache/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apib.maxaccess.io/api/cache/queueSaveCache
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:50f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heralddemocrat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c3d420e9b47924d-FRA
content-length
6350
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 01:59:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAB8yoDxNw0BwOpME1ZLaZX%2BVL4FetIgWRGtXjntN0%2Ba9F4cyZ6VtzUMBW2Rb28gwj7x6DngQySQBkf9H4O8eZIqn7o3MS2zsnodQnNS7W%2Bekfnkc1PQtIv%2BAKM%2FHHqjdl1z6O5fxQH%2BS3KCteLW0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
updates.json
tb-cdn.maxaccess.io/dashboard/2357963b7c0522112299d2caf96e6445/arias/ 		2 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tb-cdn.maxaccess.io/dashboard/2357963b7c0522112299d2caf96e6445/arias/updates.json
Requested by
Host: api.maxaccess.io
URL: https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cdn-edgestorageid
1080
x-amz-request-id
tx00000f66429ebfa6bb116-0066e4bee8-b9ece81-sfo2b
cdn-cachedat
09/13/2024 22:38:32
cdn-pullzone
1660872
content-length
2
last-modified
Tue, 07 May 2024 20:00:10 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"d751713988987e9331980363e24189ce"
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
x-rgw-object-type
Normal
cdn-requestid
d9d4e6e8cbbb3a13c1bcb43750d145e1
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
queueSaveCache
apib.maxaccess.io/api/cache/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
12e8a4b4fcbb0b4b379e0d17432999df4a6ec3224e4def9eb4d11262ad637d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12954
x-xss-protection
0
cropped-cropped-cherryroad_logo_compact-150x150.png
www.heralddemocrat.com/wp-content/uploads/sites/109/2022/10/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heralddemocrat.com/wp-content/uploads/sites/109/2022/10/cropped-cropped-cherryroad_logo_compact-150x150.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.84.144.198 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
f8ed283eba26affe166aeb20e20ed027690bfd9e8c253f6a56a544bef6492682
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 06 Sep 2023 13:27:09 GMT
server
nginx
etag
"64f87e2d-42b2"
content-type
image/png
cache-control
max-age=315360000, private
connection
close
accept-ranges
bytes
content-length
17074
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Sep 2024 01:59:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
22206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 19:49:29 GMT
expires
Mon, 15 Sep 2025 19:49:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8-93029caf3ea208f1108eb65201cb5c5e.json
tb-cdn.maxaccess.io/arias/ 		252 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tb-cdn.maxaccess.io/arias/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8-93029caf3ea208f1108eb65201cb5c5e.json
Requested by
Host: api.maxaccess.io
URL: https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
bacef4f1ae49020377dea448df83c7b736050f3321b981858ee3c4df5562ddcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
tx0000092e218ad27fe0b36-0066e79107-b9ef01a-sfo2b
cdn-cachedat
09/16/2024 01:59:35
cdn-pullzone
1660872
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
403
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0
cdn-requestid
c51b1148d5332deb79cbffd9be1632e5
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
403
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 26BD 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc3zvhSsfksOH-i99XeSmlC6C1p3ggR78QwTnC0Yq7z4uijRFwjyiXdS5wtI3vyLZQ1LO8t9peKjmNh_oiptkJxTnBBlx9KETJgl8_h4r6w6adNRm2NjNMVnECJAGr4Qn6YoAP4JB5O7xm3SQ24srNe9dAroggpUjUd-E0vYM4YA&sig=Cg0ArKJSzE_Z_VpHwAq0EAE&id=lidar2&mcvt=1000&p=964,436,1054,1164&tm=1006.6999998092651&tu=7.199999809265137&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240911&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1414856592&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2238477400&rst=1726451974412&rpt=205&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 01:59:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
updates.json
tb-cdn.maxaccess.io/dashboard/2357963b7c0522112299d2caf96e6445/arias/ 		2 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://tb-cdn.maxaccess.io/dashboard/2357963b7c0522112299d2caf96e6445/arias/updates.json
Requested by
Host: api.maxaccess.io
URL: https://api.maxaccess.io/scripts/toolbar/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.heralddemocrat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 01:59:35 GMT
cdn-edgestorageid
1080
x-amz-request-id
tx00000f66429ebfa6bb116-0066e4bee8-b9ece81-sfo2b
cdn-cachedat
09/13/2024 22:38:32
cdn-pullzone
1660872
content-length
2
last-modified
Tue, 07 May 2024 20:00:10 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"d751713988987e9331980363e24189ce"
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
08fddb31-4013-41f7-b5a6-f020ea91bed3
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
x-rgw-object-type
Normal
cdn-requestid
d9d4e6e8cbbb3a13c1bcb43750d145e1
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
saveAriaCache
apib.maxaccess.io/api/cache/ Frame 		0
0
saveAriaCache
apib.maxaccess.io/api/cache/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apib.maxaccess.io
URL
https://apib.maxaccess.io/api/cache/queueSaveCache
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202409110101&jk=2983694753227062&bg=!j4yljMPNAAbpMHvgyTA7ADQBe5WfOBSLVAtfy4-u58pwp4r6cJaxK6sc6VWlHgcVbBC9qZIr_T6oSUS8S9JjVLco8V7gAgAAAD5SAAAAAmgBB34ANtHjiuHRnt2D2ZrmBvpLf3Fh2ePFzfdniJvci7XLxoUTYEBi-k0vgGiDyixCg2WdzF4Tb0XXZAoAA5ZOsJkCncjnqiLK8qlICkMT3eHkLqQqzflgi6ZfocEemoE4f6Fm9xoohv8vZ6iwolbQp0Dr1kOe_hd27NWVAqbQiPAL2xcgGfjNVis2rSMo-UPjFF-ByzucifyfgQjq52IP2tdJK-Dsx5Y3kXTK6Di_n_2W21V5f01deURMhQaJRahCJkQI1GMcoj98BuqW5hhfsngyinb3wHiKlyrq6V4iD66RQ89LN-dL6pZ6G2FGyNanKdPSdZqKiPoT51T0PO9AnEk-hJXinDM7PaYqQFCgJEVC5rRuDn1KlE8hdVqYbyIl4IqF1aMcjdWZQxFOvB52_4fKkuT0yQxI4s85WUNdQlR4kzjt-UlzUI9XjhDU35fU423j67M-Dzuf2fc4w2fXtUGtBCdK1PHlgHj9aZKLjLoXOkqKYStFeWRuqOGjtxTrwOqQ6cJu2TpaMklYLzmWZp2A6ZBu3pqIyaU7btcnV3AwtZGVa_KBO26LsSZveQdQuElp8jIhSaxzPIyAvB7fzW-CWWkJO4C9AfdJphoL4Vf5sWgSLo6xBHF7zul-XWHy5C9EBtnS8umCNUls7VYjQsKCIftf312WRZxALGngZKpx0tgE2XnucUhn3Kdxi85I7g1Mw9PCtpsRO6p60Zl2ej7ITQhNelY8BI1gxUEpchAyvXJnIIJ_MyX-_ZfRLGbT-OzoqQRgOOwFlxkKmBgeN6BKIUEgEMD8NKig4ZtiuqdKY9D8dmFs18L5UGGrK-gkeLIRRMk5rHNCaNueuFSKGpk3tj4mjUrHsi2hwHip4-1_5Tq4Ylq_hkrt1VBiJRw91DNfYV5409UuumozJmav8EduauQ59t45NFSP3bguYJk4mYUpcKBsa6xvxw21D6UvIyrhwgnA6CgFd3OPQzbg5w
Domain
apib.maxaccess.io
URL
https://apib.maxaccess.io/api/cache/saveAriaCache
Domain
apib.maxaccess.io
URL
https://apib.maxaccess.io/api/cache/saveAriaCache

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| oada_ma_license_key string| oada_ma_license_url object| a object| m function| jQuery object| wsp_obj function| gtag object| dataLayer object| flippxp object| googletag object| click_object object| ct_localizations object| ggeac object| google_tag_data object| google_js_reporting_queue function| handleMessageFromNative object| google_tag_manager object| gaGlobal object| google_reactive_ads_global_state number| google_unique_id object| oada_maxaccess_options_raw object| regeneratorRuntime boolean| OADA_ARIA_COMPLETE boolean| OADA_IMAGES_COMPLETE object| oada_maxaccess_options object| oada_maxaccess_customizations object| oada_URL object| oada_container string| oada_ma_version boolean| oada_toolbar_loaded string| oada_ma_flags string| oada_ma_icons string| oada_ma_api object| oada_user_script_assets string| oada_worker_url object| aria_manager object| tab_manager object| oada_user object| oada_parser object| SkipToAccessibilityToolbar function| $f function| Froogaloop object| OADA_TOOLBAR object| blocksyJsonP object| ctEvents object| ctFrontend string| domain string| base_url function| setIframeHeight function| getWordpressDomain function| setBestOfWidgetURL object| params function| plausible object| oada_cache_copy object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
www.heralddemocrat.com/ Name: PHPSESSID
Value: adti5nr2kgqp16mkhag9ap849d
www.heralddemocrat.com/ Name: flipp-uid
Value: 61190547-86f2-46f2-a48f-9986863e3996
.heralddemocrat.com/ Name: _ga_8Y10R17R20
Value: GS1.1.1726451974.1.0.1726451974.0.0.0
.heralddemocrat.com/ Name: _ga
Value: GA1.1.1226174900.1726451974
www.heralddemocrat.com/ Name: adatb_user
Value: {%22options%22:{%22contrast%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-contrast-default%22}%2C%22fontSize%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-fontsize-default%22}%2C%22fontFamily%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-fontfamily-default%22}%2C%22clickTTS%22:{%22enabled%22:false}%2C%22language%22:false%2C%22profile%22:false%2C%22highlight_links%22:false%2C%22highlight_titles%22:false%2C%22monochrome%22:false%2C%22high_saturation%22:false%2C%22low_saturation%22:false%2C%22high_contrast%22:false%2C%22mute_all%22:false%2C%22hide_images%22:false%2C%22stop_animations%22:false%2C%22highlight_hover%22:false%2C%22big_cursor%22:false}%2C%22uid%22:%227kaifj9dsw3cyewpibf1sa%22}
.heralddemocrat.com/ Name: __eoi
Value: ID=ca687c585d9140ec:T=1726451974:RT=1726451974:S=AA-AfjaNOsN9ugXl6pIX4X1DpuGf
.p.flipp.com/ Name: gid
Value: "ASdzXAABQ6uYpbmtCMtt1Q=="

5 Console Messages

Source Level URL
Text
network error URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://idsync.rlcdn.com/712559.gif?partner_uid=61190547-86f2-46f2-a48f-9986863e3996
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.heralddemocrat.com/2022/10/13/entertainment/-news/-107/
Message:
Access to XMLHttpRequest at 'https://apib.maxaccess.io/api/cache/queueSaveCache' from origin 'https://www.heralddemocrat.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://apib.maxaccess.io/api/cache/queueSaveCache
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tb-cdn.maxaccess.io/arias/qn8u4NEQyKTWKBMWs2GuBBKZfYtWahIx4aVMvhLJtydlQ5tof8-93029caf3ea208f1108eb65201cb5c5e.json
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.cherryroad.com
api.maxaccess.io
apib.maxaccess.io
cdn-gateflipp.flippback.com
eb2e1040fab4d5f41b0fbf27aa298863.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
maworkerapi.maxaccess.io
p.flipp.com
pagead2.googlesyndication.com
region1.google-analytics.com
scripts-cdn.maxaccess.io
securepubads.g.doubleclick.net
tb-cdn.maxaccess.io
tpc.googlesyndication.com
www.googletagmanager.com
www.heralddemocrat.com
apib.maxaccess.io
pagead2.googlesyndication.com
13.35.58.32
142.250.186.66
172.67.155.203
18.66.147.37
2001:4860:4802:32::36
207.228.225.157
216.58.206.34
2400:52e0:1e00::1079:1
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2606:4700:3036::6815:50f7
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
35.244.174.68
74.84.144.198
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
08d81744a97b4660060edf8ef700c18612c8d8c4357c2978666abd7e5c150f2d
09943e355944d6870f74093d858503de204f02ca78f70122a5a7d74897134b6d
0ef9fed5b8cfa9525555cced28bcadb4285d6c83e2fb9ff06d178d054f7bbac2
12848ab44634232badfacb5c2d14f7a92c4757a39697c34e4fac187d0150619a
12e8a4b4fcbb0b4b379e0d17432999df4a6ec3224e4def9eb4d11262ad637d56
187537637e279af49ec4726a470979363d9df711adb00ae2e638b4ebfe640c33
1da9d7a10b2834bd35a28a56a929fe231bdb39a564612fd3441c6df817d8a0a8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a4339b1dc59c4e776f6bf07f51117de9fade0a8a749492e478764b8bd8c2f2
2f1d30b23f1853e23923474b0fb9c038922af236afff111bb58d29c251f78fdb
2fd918dff436fa938f8cc0de7fd3b89afe5c78df720658d54233099a9aded3cb
340b0576fb30f8672a3a8b464aa173d54cb1f28329d39b3a27d0ee0aa6e1db69
342a41482120c9c5dbdc32a6d962e6ec54814a4d0b6466ba132827ae655187e7
38e5114c9912eb4f5f1944b4e43eeb96791ef552d855a2f16e177ce7ce145d5e
3ca8950cd767ead3a700e3c568e9350fad0f6653565d13418140ca5408c38ea1
413b625283ac8d78c57b6fa93c1a0fc87e33e4e543691a73e8150af4d849a9a4
426beba2bc0a7ae4079c8586509f6902dc9a6082f4a0ec7c71520572ac3f86c2
467de2817c74e4ddc78a4308d0e28a2225fbc699cda3cada0f66af4202ebb4bf
489fdeca9d256e68e9c4ea924a5509aa8ef8036f8c12a0fde16db8f4c830105d
4922c56e3c6327e2745c06e658633fcbd828473fbfdc66f8cdd39a9182fa0d24
4a616448e18a137dd26b1297bc5cbf93a26dce6bff1993bc7f1b9351a45af9fa
4e3029b0c0a6d9dee17f136571e949dec2f26852128a8e218aa5eb711fbb3734
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51be0a98db8028986cf943d431281a576573c14b735ac3df43471509e43d3540
51ff266da4d6f06954aec1c94c3ebc314cf18aedc793f3d946bce2a298209dbe
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
567df11f5e12f95a4c707234127ad878db61c286cfdd034dbcab8c4222c4af25
5d247ee39647a05667b52e04510b76ae465c009da242ff8d98637d138ea410ff
5ffaf8890e3a5a3f7d9bf96f7c7d5169dde76f09cd7364058aaef751f30b60ed
6164ee10fb6499724b98e75fea2b2a11913abc2487c22a8cab39825876441ed7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6680003a1d0db62147e52513b937e06f155f7bcc3a2e38563fa8cc547f96f833
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6a891f06b60c5a190e82bdda8f3cd41f9b6348dddc06a7624910e60a34ea314c
6ce6ebb0c16f1f4aa74a78a5db382783545d1ca28f2b6133b6228b4dff0340f0
6e212282ea85debb0036d1829094614d25044655149499710e57365b78a8aa61
72ace6e9e63c775077be571f274a862fcc3d9913e43621a4bb4c6653a9b9d67c
74e60d09369c164cc245d49d109c78ea322a117e0fe58945c380b65a71c691ae
762eefe0f35eb617b648d3dc5c22b6e373b98ac738fdbf6dddb0fddf344b01dd
7da4e91d1592e385fb96fb72f675882485fd9eb2a12a08fc8d59865a9e9a4239
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64
850c6e0d5906fa6f52c6a562884cca45e6570b2d0abd55d86dd2f5b8815fcef5
85ee89fa698c2efcad4817723fac44311ca520da3be63f52a10e21c3f65e8fad
885543b46bfe1fa326e9c69c7e659dc2b3224e6f4751a4c389db1f81c17201af
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8876848363abe59b8e584bc50463d111e858b778e100fb96e94224598a2fd858
9636ad386a6fd6e7952cc5332a01e49b1afbc233deb5d729b49a6fa2756f50ac
992418da8591a4996a90951007267ea04646d24db772dd9a6d8670b7c39a9d75
9b990b6fa6925bb08e5c192f93156c1fddaa84c014eba26a40f7b8eb053362b5
9c04ae62036bd323c78d2357d2446e3cef0e115bff1f8217808d81cf126b6511
9cbcfda550ddf192c70e21c1d57cc4e9a7b9937f2a1a73ed067a8bd1fd9536c4
ab9a2dc6b1aaeaa7017b96904b7a760517ac9e57ee589ee6dd1238c7754bd8f6
b67b689c0045cb4e8a4d5a439adbbf4c471cc090cbeb7ba7b2aed0eeabdbef3e
b7372b629e997f9980d46c4dea3a384f8d1c9f2fcb21ad395711d14f80fda8c4
bacef4f1ae49020377dea448df83c7b736050f3321b981858ee3c4df5562ddcc
bb2782a916b1a28eb081895afa90f4ed5dca5df320b9cc95f867bc2a26e29064
bd9a74c61bb542366a8b3a959447594562a99b1d53297585e376515ac8ec1aec
bfe2d95adf69f339badcf901e33d12c0b6146d7d16a1100b12c3abc13dc3521c
c4ffd0455cf50bc1683646dc77e7263d81cffad51f36d3c39b85a9848fb5a196
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d08e23dada04fc175fd186e20a2e08465b44b0162f1faed065cda8989a871859
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2
d72bb9bb78332c65fa76e41498792ef6a1b87f65fdd702e39758d6501d57a45c
d7c4aadb69ef13492016a7b2995020f9d754d128f9354dd742c32d420c3340ad
d7cc619b1c880981e17adba3bd44cb8addfff1d63e7cb2b4d59a88abe5ff31e0
da9e0ce1ebd0f466ff68500173fe067212d304b8f4594f54bd61bd3e5409c7a9
dd68b8ac425f8b0e1a479337e4fb6e8c647241f5042e63ba4cd9853e5e3b661b
dfc984d3a89cfdcaf4417482af869ee04c6d0399aa2905c7d3b5d09d5af4aa5a
e036850c54c75d39ef007312c0270739af109ddefcbe57f8220bb4048d7907d9
e13491499f5b076127246b7d73d8a4e086307134f138d0bf66655bd26eacc7a0
e1afe2abb1332ec6af0bcd1713aeeb2c7e4abbbbbe8ab70bc1fa5cd98359e7d4
e2d949342e41fbc250d2e6505c28f0f5ca9ce0bd5c74bd202ac1c456cac065c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4880df5da3ea0b17c33b51e3bd7be5ccd92223fdece894c8aee107f43ad3393
ec71eac0910169551730a7706d5405cc9a3e7f996fbd7f1571f4f69d0003d1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f561b0ce92b0ef732c3b4a2ed775a156db5c2ac04843c39a069b196cdd57d6d0
f87767aa5d828116087b0e4c504f7cc7903d9b032572b2d2cd585301ccf03afc
f8ed283eba26affe166aeb20e20ed027690bfd9e8c253f6a56a544bef6492682
feeb27682ce93b2e5fe14a32a67aa7141f505725daf8b6018864b0bbec103469