ohiodems.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ohiodems.org/
Submission: On February 15 via api (February 15th 2022, 11:09:07 pm UTC) from DE — Scanned from DE

Summary HTTP 83 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 83 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:fb:... 2a02:26f0:fb:5a3::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.3.125 99.86.3.125	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:206... 2600:9000:206f:3200:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:214... 2600:9000:214f:9600:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
83	26

16 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:5a3::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-125.fra6.r.cloudfront.net

iwillvote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:3200:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9600:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ohiodems.org ohiodems.org	2 MB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	212 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	237 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 maps.googleapis.com — Cisco Umbrella Rank: 349	172 KB
5	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1397 pbs.twimg.com — Cisco Umbrella Rank: 688 ton.twimg.com — Cisco Umbrella Rank: 5241	65 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	528 B
4	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 51749 secure.ngpvan.com — Cisco Umbrella Rank: 61239 fastaction.ngpvan.com — Cisco Umbrella Rank: 150624	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	221 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	173 KB
4	cloudfront.net d3rse9xjbp8270.cloudfront.net	372 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	77 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	verygoodvault.com js2.verygoodvault.com — Cisco Umbrella Rank: 65526	24 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	30 KB
1	iwillvote.com iwillvote.com — Cisco Umbrella Rank: 307144	1 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 703	67 KB
83	20

	Domain	Requested by
16	ohiodems.org	ohiodems.org
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ohiodems.org
7	platform.twitter.com	ohiodems.org platform.twitter.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.facebook.com	ohiodems.org
4	connect.facebook.net	ohiodems.org connect.facebook.net
4	www.googletagmanager.com	ohiodems.org d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
4	maps.googleapis.com	ohiodems.org maps.googleapis.com
4	d3rse9xjbp8270.cloudfront.net	ohiodems.org d3rse9xjbp8270.cloudfront.net
2	ton.twimg.com	platform.twitter.com
2	pbs.twimg.com	ohiodems.org
2	syndication.twitter.com	1 redirects platform.twitter.com
2	secure.ngpvan.com	d3rse9xjbp8270.cloudfront.net ohiodems.org
2	www.google.com	ohiodems.org
2	maxcdn.bootstrapcdn.com	ohiodems.org maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	ohiodems.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	ohiodems.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js2.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	www.gstatic.com	www.google.com
1	code.jquery.com	ohiodems.org
1	iwillvote.com	ohiodems.org
1	cdn.optimizely.com	ohiodems.org
83	28

This site contains links to these domains. Also see Links.

Domain
act.ohiodems.org
store.ohiodems.org
secure.actblue.com
fastaction.ngpvan.com
iwillvote.com
www.facebook.com
votefromabroad.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
iwillvote.com Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-30` - `2023-01-14`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://ohiodems.org/
Frame ID: 4F29A8EB270A46BAD89BD51416F24BE5
Requests: 75 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fohiodems.org
Frame ID: 93E24BEC0EE65FC8FDDD5384BD6FB668
Requests: 2 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1492095674103566340/AnOsKTUM?format=png&name=600x314
Frame ID: 5F839AD3F08696AE1DC87D16B736CDCA
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B808EA96B649207D3F1363B0DE3F6B66
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5A24FDD6040B592BC1CA505DB0A9E07C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 9EF84AC2998498DF15618932008F0070
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Democratic Party

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

83
Requests

100 %
HTTPS

80 %
IPv6

20
Domains

28
Subdomains

26
IPs

4
Countries

3438 kB
Transfer

7138 kB
Size

17
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ohiodems.org/a/odp-truth-team
Title: Join the Truth Team

Search URL Search Domain Scan URL

URL: https://act.ohiodems.org/a/odp-volunteer
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://store.ohiodems.org/
Title: Store

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/2021-support/?refcode=websign2021
Title: Donate

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://iwillvote.com/register/?state=OH
Title: Take Action

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems
Title: Ohio Democratic Party

Search URL Search Domain Scan URL

URL: http://votefromabroad.org/
Title: Vote from Abroad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

83 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 25 KB
9 KB 1120ms
940ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671d88419af82873bfe7e2e3bf5431f74bd952e3f5473ec108e51ba5c5a61704

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Feb 2022 23:09:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
link: <https://ohiodems.org/>; rel=shortlink
x-fw-server: Flywheel/4.1.0
x-fw-hash: exinsehpq5
x-cacheable: NO:Not Cacheable
x-fw-serve: TRUE
x-cache: MISS
x-fw-static: NO
x-fw-type: VISIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObNC0dgC%2BWTltQAudZNPJulr38xeP5uUmGLnaBLiQXX8TMFC%2FFzgIzEVuX9c1X9jaY7R8rcPIGcr9tyJbgiaJnaX78c0fBWPSlLekH7bZ6pnZltq8acDGgTyigxHMgNkKY%2FbJI4Fu%2BN3WHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de2338b3b4483af-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 338944120.js Show response
cdn.optimizely.com/js/ 199 KB
67 KB 205ms
118ms Script
text/javascript 2a02:26f0:fb:5a3::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/338944120.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a3::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 9AYEqhUUMq5Oh9dXr9djn4dBDWYeHi_e
content-encoding: gzip
etag: "90c7ffd1e74889817b8577bb593867c0"
x-amz-request-id: DYAMV24T05A7SWPD
x-amz-meta-revision: 101
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:fb:5a3::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 67854
x-amz-id-2: bs/mOqL9RT1C5idEEm9q1P3YMi1dFBK8qJlNVExx39JaewAWuBKyGMKMA8nQJm3vERPJWAcZ0zw=
last-modified: Thu, 01 Mar 2018 22:07:04 GMT
server: AmazonS3
date: Tue, 15 Feb 2022 23:09:01 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 79 KB
11 KB 158ms
156ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 12 Jan 2022 08:18:11 GMT
server: cloudflare
etag: W/"61de8ec3-13abe"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHxuj%2Bt6w54hJM%2FPb%2BY%2Bbs3x3ppwPZ3mx3IoOd3hBoqq9zo%2F%2B3eABfOm5B8K4E3D04oqQfVqh0qZVqiYgS358VWbRtApKGPv1xYwc2OLUVGsKt3is2dRU5B5XlPTiT79IYszlJRQc7ny3gA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913ad583af-MXP

GET
H2 200 pum-site-styles.css
ohiodems.org/wp-content/uploads/pum/ 17 KB
4 KB 156ms
154ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1643200408&ver=1.16.4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d73b5c8b676dee3c1f8bd272a3151a4ff784ff4bba93fda28c4942c2edab5a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 26 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"61f13f98-44ce"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV9YnLC9tKCyUgeo5S2S7CeTi4aVOnEwkUesKprxQtSSREUH2xy9hYokhFuZ0%2FwDFvNcqAkBqoeXKOXZWthGW7Q9J9VR3qJD%2BvwroGYCywjU3YeYnMnm9ydIutI0rJX6h32QeW2HIfRqDQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913adb83af-MXP

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fffc6df3e955cb0426d46fecba4ffd23e605f1da2055b9212bb652a1440dc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 23:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 23:09:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 66ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 25829984
cdn-cachedat: 2021-04-23 01:05:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4bc378fd9dd3577443ae5d67f41a8056
cf-ray: 6de233916a22f923-MXP
cdn-requestcountrycode: IT
cdn-requestpullsuccess: True

GET
H2 200 main-48ef26500a.css
ohiodems.org/wp-content/themes/ohiodems/dist/styles/ 196 KB
31 KB 146ms
144ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
etag: W/"60c7bc3b-31152"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zNeI1bDGlJpYkdCt46W596KIIQaqatEchb1mnx18HT4JGdQTp1bnebwNP3lBc%2F6BetNw468JXqjYB9Y6KOpxjy1tFnFkY2sEGFJRH6l0DzXjyDh%2FZKt%2FU77LAv1KDgG0L6bY6xCjDPsSuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913ae183af-MXP

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 36ms
16ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eacfa8f55b323cbd47190382a9851e359181aae709d172d52b4da9303e86c56d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 widget-v2.css
iwillvote.com/locate/ 3 KB
1 KB 45ms
7ms Stylesheet
text/css 99.86.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iwillvote.com/locate/widget-v2.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-125.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:21:05 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 22:20:00 GMT
server: AmazonS3
age: 2877
etag: W/"521f174c960c58b357e753b9e2d5d9b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: htxImbA-KJOV6I2LkxRuRYgLevWE7T8x1serwd4TZxJk9YBVi2luWw==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 843 KB
240 KB 34ms
8ms Script
application/javascript 2600:9000:206f:3200:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3200:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e76025b2e383dbf713da145d8adc3f1e2bc9e75704105b506e1c77d48118ece

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:32:53 GMT
content-encoding: gzip
age: 27369
x-cache: Hit from cloudfront
content-length: 245382
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 15:32:38 GMT
server: AmazonS3
etag: "b167a28d3e1606c83b71fdf2244090ba"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: rUFRrwRrDl1v0p5PvSYY6zi6Hzbk5LQGMqu0uOOCJyzDUzUanDMZMg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 34ms
7ms Stylesheet
text/css 2600:9000:206f:3200:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3200:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b42dbcc039746e0c556f667db409901aab984fe70c0decbc86485b061e756c86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:32:53 GMT
content-encoding: gzip
age: 27369
x-cache: Hit from cloudfront
content-length: 20668
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 15:32:38 GMT
server: AmazonS3
etag: "9ec59e44c19b2aa4c81ee4db9cdd7896"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: MgWXmMGOkEZGlrJo_JJ7kkme-UY2NXM45OEp6etFOEUlux1Eo5T2lw==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 58ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1644966541.dop009.ml1.t,1644966541.cds215.ml1.hn,1644966541.cds012.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 core.min.js Show response
ohiodems.org/wp-includes/js/jquery/ui/ 20 KB
7 KB 133ms
132ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 12 Jan 2022 08:18:11 GMT
server: cloudflare
etag: W/"61de8ec3-5133"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYNX9Z3lIRwyb7o6DttQYoih%2BUwzxWEou0XUXogwsTyP0fX8jzmuHECHX%2B8%2FqGXBnCYtqgpI00ZeErnRgMewRz8PzkZX2x38Co%2BTguxytWqbkU9WR74HUmH26PyebMprUoPNDReNNxXhStw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913ae583af-MXP

GET
H2 200 pum-site-scripts.js Show response
ohiodems.org/wp-content/uploads/pum/ 68 KB
18 KB 138ms
137ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1643200408&ver=1.16.4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90950dfae87dbc6b6d4af0bce7e15ae8794ab9203b09cd3336dd380bd1f209ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 26 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"61f13f98-1101b"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSJVOIDVoBPG1JghWepSHjp5XKDsaqMBmWzQdLJO4rwAWhud7PCQTzFn9ESoRAiKovZFQ25Y48eipsRYefFSEAhSfmyjElhtCiGnR3jBgIk7MvqFNZwgsIcb1%2BXFwKsTlDiRfTvSlmjtXf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913ae683af-MXP

GET
H2 200 modernizr-8895641e34.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 11 KB
5 KB 137ms
136ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/modernizr-8895641e34.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
etag: W/"60c7bc3b-2af0"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0o5uE82KMMq040Uh%2BsWx6KR%2Byy%2BfdqOjk9k3IPvPl%2FxPbXfNTWRL9mqooc6eF1iLtzu68LRbjV5q%2B1mI0tVgEXYMWlIW68Inj1szMzOMjl6dOXkFGHbI3kxjrcMa2dnZvZE2chRf8KHejE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913aea83af-MXP

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 157 KB
52 KB 61ms
37ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

2fed36ffa9e506d580253524c7dcbbb96a1d0771d77b59b66b5578d598ca1d3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52482
x-xss-protection: 0
expires: Tue, 15 Feb 2022 23:39:01 GMT

GET
H2 200 main-a16b202eb3.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 197 KB
53 KB 165ms
164ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/main-a16b202eb3.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
etag: W/"60c7bc3b-3125f"
x-fw-hash: exinsehpq5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdgqc%2F65eAvgJdgTmNQjB6eX11xr360n%2Bzf1k87huS6ZUE3xoKO6K0jygGIKuJWH648xTGfAr5iuegsI5L%2BWfs%2FVYjRHCm1uuz6quotohOhUSivP1TMBo0SpJEcOhvgDj5Mw4YMlutU2Kdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 6de233913aed83af-MXP

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 36ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 20:03:56 GMT
etag: "94840c3a0697481258cd2b28513e7509+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29179
tw-cdn: FT
x-served-by: cache-iad-kjyo7100177-IAD, cache-fra19165-FRA

GET
H3 200 css
fonts.googleapis.com/ 2 KB
525 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1643200408&ver=1.16.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 21:45:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 23:09:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 357 KB
142 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 22:10:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
30 KB 53ms
31ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

602ba01c63639a9753453e10ed7a0befc13fb678d09540e4405f4f4028739a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29910
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 22:23:30 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: ORl06+85wm/QX/umrwqRw8mBgqwuGmIB/Vj1AROrbke7pv/oCQR5tIfBzZkAmvIsvvtxONWK+eSNvwk31jgQPg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 15 Feb 2022 23:09:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4442c0ffa4cb991b479b25a932bddab6ef2a12bd0ae4b131dd80b3d573354b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42039
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 22:23:30 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H3 200 logo.png
ohiodems.org/wp-content/themes/ohiodems/dist/images/ 4 KB
5 KB 126ms
125ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/images/logo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4354
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Mon, 14 Jun 2021 20:29:46 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "60c7bc3a-1102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tycNJDXHMJpXG6FuIRxdIxIKK0Na2iYrjFJHAYv%2FwDhb1v5Ix2G5IKpaCZsOC1d4DtbBCsUdlpgfBwUGEjuzntGyEcCm4CltndsJYCVSxAkgW0JNZ2Xc7I8kXtsMxWlrOj4ab%2B47T0Mm1rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6de233932d090f4e-MXP

GET
H3 200 video-still.jpg
ohiodems.org/wp-content/uploads/2018/10/ 389 KB
390 KB 187ms
186ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2018/10/video-still.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 398647
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Tue, 16 Oct 2018 18:43:46 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5bc63162-61537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMJH4BOZ8g6tqpjB%2BdIoUs3%2BHMOj%2F7NUXesPIu0GeS4Dk3FCSqh1zeT0skw53oIVE%2FRflAVotOzalCYJdCWRAT%2FNrQW0Fg9CudSHuFgWi3mdtfCq2CzgcFNAYLtzdoyOT65s3xPPB0BL55I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6de233932d0c0f4e-MXP

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 37ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 537029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 17:58:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 38ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 537162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 17:56:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 531510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:31 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 40ms
15ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:54:55 GMT
x-content-type-options: nosniff
age: 530046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:54:55 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 80ms
60ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2f79e1d9d0fef4fa3e75535680e22401
accept-ranges: bytes
cf-ray: 6de233935c5e599b-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 meta-runforoffice-295x115.png
ohiodems.org/wp-content/uploads/2015/09/ 48 KB
48 KB 154ms
154ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2015/09/meta-runforoffice-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48923
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 05 Sep 2019 16:02:16 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5d713188-bf1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efAmaVqwPqEG9VFXOeOh9XX7qVtc95CQru12DSWhNkMRhq%2FCpGre10FgMQOlwGuFyOmStWY23p8uPgoopavucZGATrgDt%2BYXrsTzyx7dp67KJlLeUmzQU7OilRdXKuVDcDnBf99Xapb16Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6de233937d6d0f4e-MXP

GET
H3 200 UPDATEDmask-295x115.png
ohiodems.org/wp-content/uploads/2018/10/ 23 KB
24 KB 205ms
204ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2018/10/UPDATEDmask-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23848
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 03 Jun 2020 14:49:05 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5ed7b861-5d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb4MtY3NwdPusfhzG4X%2FcSkP4lxl86RQosb1vHucvvxAaYlPlwBvh%2Fk6JU10tZxNstd%2FAUsVwMlqCcz0e2yRAsZ%2BLeO5fkrf0lFq%2F2Bh%2BMM7Y2LgJA1uwQ152cD3vdWaI%2BvoU2%2Bta%2BRUfKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6de233937d6e0f4e-MXP

GET
H3 200 DSC_0011-1-295x115.png
ohiodems.org/wp-content/uploads/2019/09/ 67 KB
68 KB 206ms
189ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2019/09/DSC_0011-1-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 15 Feb 2022 23:09:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68703
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 09 Jul 2020 23:56:37 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5f07aeb5-10c5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywZctW3aQRQ5RNXVpce0S38qb0%2BeYrxd7w7aWK8jH74QULPOHDznxgpTmXrEfolBPjsL%2BteA7FwKfx5RDuGt78wh3Mp8Zla6LhvuomF%2FY1a0x6RfYzEl%2B%2BSb%2FDQduEVqTHxO2Ljeu67wV9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6de233939d8e0f4e-MXP

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 320 KB
0 192ms
192ms Media
video/mp4 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 0-1334062/1334063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1334063
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG3ScTyzi7vYKetI7Y4jyvhnuk%2Fce%2FF99XyWEGuMvU1unddBRCxsR264OxX4r7iWCxdXEBj3mA4LhuFQo4CrGo6TQdm1bIl2rGKIVnIZ3M3rJqZZ6%2F5Z2dV7CEKPGFb%2Fu1qcbrTZVCDNMZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: public, max-age=2592000
cf-ray: 6de233939d910f4e-MXP

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 31ms
16ms XHR
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 93E2 319 KB
103 KB 7ms
6ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fohiodems.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/

Response headers

last-modified: Tue, 01 Feb 2022 20:00:09 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 15 Feb 2022 23:09:01 GMT
x-served-by: cache-iad-kcgs7200075-IAD, cache-fra19165-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
774 B 425ms
374ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
x-iinfo: 13-103777573-103777575 NNNN CT(-1 -1 2) RT(1644966540814 0) q(0 0 2 -1) r(3 3) U5
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
41 KB 38ms
22ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

007c8fe7c8089337771bed59d17ba2ac704cd236d541698baa339c2b01b183ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41654
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 22:23:30 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
16 KB 7ms
6ms Stylesheet
text/css 2600:9000:206f:3200:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3200:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26443d5cb676aae10bf2ddcbc13b5f4ea62acc1db5bd4b6ad4aeba25b019e8f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:32:54 GMT
content-encoding: gzip
age: 27368
x-cache: Hit from cloudfront
content-length: 15865
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 15:32:38 GMT
server: AmazonS3
etag: "3c04f258c67149d8de29e7f5588e1364"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: pR-w8C4kCnksh8AyEsvq4C763cZ5s1Yfp7rYaaTfUT5o-HksGjMLaw==

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 82ms
10ms Script
application/javascript 2600:9000:214f:9600:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
Age: 36
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Tue, 15 Feb 2022 23:09:01 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: udNTTiUTRx3qjLCj9hDliQiwavFuDejbCNfk5DARgQk8Uscsaz8-sg==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2 Show response
secure.ngpvan.com/v1/Forms/ 2 KB
2 KB 470ms
443ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/vGsz3qFuOkqSPswtciZgag2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ohiodems.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 13-103777588-103777471 2NNN RT(1644966540855 0) q(0 0 0 -1) r(4 4)
content-length: 1299
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-frame-options: SAMEORIGIN
date: Tue, 15 Feb 2022 23:09:01 GMT
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: zSh2IVkWXusPYXZ+48cpYqdV3u29WFiljK0WaojSpOx8DfVqWPQwVoWtEpbjkAOwTYFnfYekDSUIzUskrHe99A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Feb 2022 23:09:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 830442327491061 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 151ms
142ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/830442327491061?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b52dbaa1ed9e1e9b0bd2eb48b861c53b6295aacb6eb3e3278bb9c0c6a16b0202

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: yxgl7XlO8ifbsQR9lU9s/7YYeOFqZptLJ/ikC24GAZbK263gafuMoRPrlkAuxaP6YM3ODf12hLm4kBjBdA33bQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Feb 2022 23:09:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 42ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b3553d2b0c378747776bd216078c8f31530cea74a853da98bc7242163616609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63111
x-xss-protection: 0
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
24ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 23 KB
23 KB 113ms
113ms Media
video/mp4 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=1310720-

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 1310720-1334062/1334063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23343
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMOMawgx2dfuQesXFDnSzHzHf2vJRKrouS3elsZN39JaXlcwsmEhpPrUo455pHylI15cU9rVaw4b9dqMccBd8f15EeZWfQMJ%2Fix%2FrgeiGqLz9ULYu%2BNddg8HWdBhzzUbaVzXL%2B46QfJ%2BvL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: public, max-age=2592000
cf-ray: 6de23394ffb80f4e-MXP

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 93E2 232 B
448 B 153ms
124ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fdf977fb9fbee04bb766238e9076d500561aae69

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fohiodems.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 118
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 23:09:01 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: eb684d839607e5a940860dfb0d6dfc7476587d6c200b8724177f2456ec007ace
content-length: 166

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/ 2 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/?random=1644966541613&cv=9&fst=1644966541613&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efaefba6a02f83644a219af7deec1c2239e9dbbdf648c317457a6649f8bd5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 34ms
13ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T0MC8QX2ZT&gtm=2oe290&_p=570799600&sr=1600x1200&ul=en-us&cid=1574363949.1644966542&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democratic%20Party&sid=1644966541&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 23:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/998315148/ 42 B
64 B 35ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998315148/?random=1644966541613&cv=9&fst=1644966000000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=2505480993&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 23:09:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998315148/ 42 B
548 B 45ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998315148/?random=1644966541613&cv=9&fst=1644966000000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=2505480993&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 23:09:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 1 MB
1 MB 25ms
25ms Media
video/mp4 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6303f58d7cd85ee691d93e6539a1880664ba571baf577e9af7ff1b5d20b99f0a

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=262144-

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 262144-1334062/1334063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1071919
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khaM85g%2FYRa2PQy%2FUiQQ52ntAY6gPybSNMtE0QLAanzLm%2F28sAPzmpndXB0niiZu%2BD33GvCwkII2x1sjDLZQtRcGsascXne6BaWmEf%2FqRn0TusveP59gL%2F%2Fh37AvVsC7U9CmLzpuyQioK7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: public, max-age=2592000
cf-ray: 6de23395e9140f4e-MXP

GET
H3 200 500223356832946 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/500223356832946?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d41be0b7f5f895803988a8ef93367e9f0f70a7938a8b51c62ebf2a8dd108938

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UQG4fW8rj2o+J1FONWpG3LgpT0CqkRmzl6t+UBIMTQjAWB1YFlVx+5SOVb50VbDap8fDVy/wq+kg6FY2L5/hwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Feb 2022 23:09:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 27ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830442327491061&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1644966541762&sw=1600&sh=1200&v=2.9.52&r=stable&a=wordpress-5.8.3-3.0.6&ec=0&o=30&fbp=fb.1.1644966541758.14188030&it=1644966541546&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H2 200 moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 9ms
7ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 19:59:51 GMT
etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 8012
tw-cdn: FT
x-served-by: cache-iad-kcgs7200118-IAD, cache-fra19165-FRA

GET
H2 200 timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
6 KB 8ms
8ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 19:59:51 GMT
etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 6444
tw-cdn: FT
x-served-by: cache-iad-kiad7000034-IAD, cache-fra19165-FRA

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 11 KB
4 KB 314ms
190ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_OHDems_old&dnt=false&domain=ohiodems.org&lang=en&screen_name=OHDems&suppress_response_codes=true&t=1827740&tweet_limit=1&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d29a1ebd16267d1a29ab0c9f8f9cf9622746342f140269e0b6f7b1c9b0d20f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=149
content-length: 3242
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 123
last-modified: Tue, 15 Feb 2022 23:09:02 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 60ab7ef010e1f19ba9911ac5be10b8a339cefa940b5d51434de461a8c3983d0a
timing-allow-origin: *
x-transaction: 1fb150a3e84c1660
expires: Tue, 15 Feb 2022 23:14:02 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=500223356832946&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1644966541847&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644966541758.14188030&it=1644966541546&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 23:09:01 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5648
date: Tue, 15 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 23:34:54 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
788 B 355ms
322ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1644966542010=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

234deda60765cc17c88134efb15bdec69ed5b15f457f4409255f86549adc7e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 vegur
x-content-type-options: nosniff
server: Cowboy
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 13-103777767-103777768 NNYN CT(101 103 0) RT(1644966541341 0) q(0 0 2 1) r(2 3) U18
cache-control: max-age=0
date: Tue, 15 Feb 2022 23:09:02 GMT
etag: W/"b6-z4DbBCuDuS+37ETMCz7hHLv/lrY"
content-type: text/javascript; charset=utf-8
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 6ms
6ms Font
application/font-woff2 2600:9000:206f:3200:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3200:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 04:26:28 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
age: 67382
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 8bKzo3AAGa3hDUGUsSC8l9_LNga2HmDO_WXm3upVhpPrh1FTd2ym6g==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2
secure.ngpvan.com/v1/Track/ 0
365 B 379ms
379ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/vGsz3qFuOkqSPswtciZgag2?formSessionId=e638c4d5-4dd3-4c9d-bc0b-f7484c9d87f2&bName=chrome&dType=desktop

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cdn: Imperva
date: Tue, 15 Feb 2022 23:09:02 GMT
x-frame-options: SAMEORIGIN
x-iinfo: 13-103777764-103777765 NNNN CT(87 175 0) RT(1644966541333 0) q(0 0 2 -1) r(3 3) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:57:46 GMT
x-content-type-options: nosniff
age: 393076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17484
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 09:57:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=476&_u=YADAAEABAAAAAC~&jid=1796776086&gjid=196578791&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&_r=1&gtm=2wg2905L2FSL&z=2123186478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 23:09:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=1574363949.1644966542&jid=2005447319&gjid=783395856&_gid=422177240.1644966542&_u=YCDAgEABAAAAAG~&z=1391866896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 23:09:02 GMT
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAC~&jid=2005447319&gjid=783395856&cid=1574363949.1644966542&tid=UA-28243511-23&_gid=422177240.1644966542&gtm=2wg2905L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=1707173114

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=event&ni=1&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=3&_u=YCDAgEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-23&_gid=422177240.1644966542&gtm=2wg2905L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=446576629

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=6&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&gtm=2wg2905L2FSL&z=39509279

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=11&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&gtm=2wg2905L2FSL&z=286593084

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=2&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&gtm=2wg2905L2FSL&z=2112164688

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=499&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&gtm=2wg2905L2FSL&z=2036782283

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=570799600&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=558&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1574363949.1644966542&tid=UA-28243511-22&_gid=422177240.1644966542&gtm=2wg2905L2FSL&z=1388104632

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 02:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AnOsKTUM
pbs.twimg.com/card_img/1492095674103566340/ Frame 5F83 7 KB
7 KB 321ms
252ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1492095674103566340/AnOsKTUM?format=png&name=600x314

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEA) /

Resource Hash

9d7d631960d935b57b4346564779baf9e01ea172fdd031bfda24d64e32adcbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= MISS,x-tw-cdn;desc=VZ,edge;dur=207
content-length: 7423
x-response-time: 178
surrogate-key: card_img card_img/bucket/1 card_img/1492095674103566340
last-modified: Fri, 11 Feb 2022 11:16:25 GMT
server: ECS (mil/6CEA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d9f4ea29230b51e8cf48841ac3b110e62c2aa132223c4efad1cbe0e7ceb21071
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 5F83 53 KB
12 KB 8ms
8ms Stylesheet
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 19:59:45 GMT
etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: text/css; charset=utf-8
content-length: 12144
tw-cdn: FT
x-served-by: cache-iad-kiad7000157-IAD, cache-fra19165-FRA

GET
H2 200 timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
7ms Image
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 19:59:45 GMT
etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: text/css; charset=utf-8
content-length: 12144
tw-cdn: FT
x-served-by: cache-iad-kiad7000157-IAD, cache-fra19165-FRA

GET
H2 200 dAFiiu_L_normal.jpg
pbs.twimg.com/profile_images/1323436115647434752/ Frame 5F83 2 KB
2 KB 125ms
75ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1323436115647434752/dAFiiu_L_normal.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF6) /

Resource Hash

aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
x-content-type-options: nosniff
age: 454791
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=30
content-length: 2187
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/7 profile_images/1323436115647434752
last-modified: Tue, 03 Nov 2020 01:23:32 GMT
server: ECS (mil/6CF6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 29f36d44cc7f854b331dd4fea0237685812ea6b84a0171b27e26823fb9a29709
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 5F83 44 KB
7 KB 179ms
45ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C76) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474056
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (mil/6C76)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 93f9c97c2e5969275a45ace7bde34b7ce3d8078d72f6c34293a2fbe9d9e82e17
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 22 Feb 2022 23:09:02 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 179ms
45ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C76) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474056
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (mil/6C76)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 93f9c97c2e5969275a45ace7bde34b7ce3d8078d72f6c34293a2fbe9d9e82e17
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 22 Feb 2022 23:09:02 GMT

GET
DATA 200
OK truncated
/ Frame 5F83 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5F83 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5F83 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5F83 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5F83 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B808 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://ohiodems.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://ohiodems.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 15 Feb 2022 23:09:02 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5A24 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://ohiodems.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://ohiodems.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 15 Feb 2022 23:09:02 GMT

GET
H2

200

jot.html Show response
platform.twitter.com/ Frame 9EF8
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
222 B

6ms
6ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://ohiodems.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 01 Feb 2022 20:03:55 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 15 Feb 2022 23:09:02 GMT
x-served-by: cache-iad-kcgs7200105-IAD, cache-fra19165-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

date: Tue, 15 Feb 2022 23:09:02 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Tue, 15 Feb 2022 23:09:02 GMT
x-transaction: f66578b9a412d674
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 116
x-connection-hash: eb684d839607e5a940860dfb0d6dfc7476587d6c200b8724177f2456ec007ace

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/ 77 KB
28 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc61eef243fa47845cbb95d6c3078ad2fda22fa9924a1daaf535438b2ad299a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28830
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 04:58:22 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/ 297 KB
91 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6a8db162e9c771134ba27281df5338087590bf3a00d1765ec3382c20628b345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92779
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 04:58:22 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohiodems.org/	1970-01-23 16:32:06	Name: optimizelyEndUserId Value: oeu1644966541220r0.08463132412131724
.ohiodems.org/	1970-01-23 16:32:06	Name: optimizelySegments Value: %7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D
.ohiodems.org/	1970-01-23 16:32:06	Name: optimizelyBuckets Value: %7B%7D
.ohiodems.org/	1970-01-20 00:56:06	Name: optimizelyPendingLogEvents Value: %5B%5D
.ohiodems.org/	1970-01-20 18:27:18	Name: _ga_T0MC8QX2ZT Value: GS1.1.1644966541.1.0.1644966541.0
.doubleclick.net/	1970-01-20 00:56:07	Name: test_cookie Value: CheckForPermission
.ohiodems.org/	1970-01-20 03:05:42	Name: _fbp Value: fb.1.1644966541758.14188030
.facebook.com/	1970-01-20 03:05:42	Name: fr Value: 0tkJrZSnqqP4MqAKf..BiDDKN...1.0.BiDDKN.
.profile.ngpvan.com/	1970-01-20 00:56:10	Name: TiPMix Value: 13.7622835644345
.profile.ngpvan.com/	1970-01-20 00:56:10	Name: x-ms-routing-name Value: self
.secure.ngpvan.com/	1970-01-20 00:56:10	Name: TiPMix Value: 56.699766198499
.secure.ngpvan.com/	1970-01-20 00:56:10	Name: x-ms-routing-name Value: self
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: bDX3KfRiWVHaCYfu0IOYSwAAAADvo39WrvIDKIjv6DKcVPhr
.ohiodems.org/	1970-01-20 18:27:18	Name: _ga Value: GA1.2.1574363949.1644966542
.ohiodems.org/	1970-01-20 00:57:32	Name: _gid Value: GA1.2.422177240.1644966542
.ohiodems.org/	1970-01-20 00:56:06	Name: _gat_UA-28243511-22 Value: 1
.ohiodems.org/	1970-01-20 00:56:06	Name: _dc_gtm_UA-28243511-23 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
cdn.syndication.twimg.com
code.jquery.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iwillvote.com
js2.verygoodvault.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
ohiodems.org
pbs.twimg.com
platform.twitter.com
profile.ngpvan.com
secure.ngpvan.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.136
142.250.185.66
151.101.12.157
2001:4de0:ac18::1:a:1a
2600:9000:206f:3200:12:303c:8700:21
2600:9000:214f:9600:14:79be:a380:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c08::9a
2a02:26f0:fb:5a3::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3121::7
45.60.33.183
99.86.3.125
007c8fe7c8089337771bed59d17ba2ac704cd236d541698baa339c2b01b183ba
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efaefba6a02f83644a219af7deec1c2239e9dbbdf648c317457a6649f8bd5ee
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
234deda60765cc17c88134efb15bdec69ed5b15f457f4409255f86549adc7e71
26443d5cb676aae10bf2ddcbc13b5f4ea62acc1db5bd4b6ad4aeba25b019e8f6
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772
2fed36ffa9e506d580253524c7dcbbb96a1d0771d77b59b66b5578d598ca1d3b
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca
39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1
3b3553d2b0c378747776bd216078c8f31530cea74a853da98bc7242163616609
3d73b5c8b676dee3c1f8bd272a3151a4ff784ff4bba93fda28c4942c2edab5a8
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
4442c0ffa4cb991b479b25a932bddab6ef2a12bd0ae4b131dd80b3d573354b1e
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4d41be0b7f5f895803988a8ef93367e9f0f70a7938a8b51c62ebf2a8dd108938
53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c
602ba01c63639a9753453e10ed7a0befc13fb678d09540e4405f4f4028739a97
6303f58d7cd85ee691d93e6539a1880664ba571baf577e9af7ff1b5d20b99f0a
671d88419af82873bfe7e2e3bf5431f74bd952e3f5473ec108e51ba5c5a61704
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6fffc6df3e955cb0426d46fecba4ffd23e605f1da2055b9212bb652a1440dc65
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51
7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
90950dfae87dbc6b6d4af0bce7e15ae8794ab9203b09cd3336dd380bd1f209ad
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9d7d631960d935b57b4346564779baf9e01ea172fdd031bfda24d64e32adcbfb
9e76025b2e383dbf713da145d8adc3f1e2bc9e75704105b506e1c77d48118ece
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6
b42dbcc039746e0c556f667db409901aab984fe70c0decbc86485b061e756c86
b52dbaa1ed9e1e9b0bd2eb48b861c53b6295aacb6eb3e3278bb9c0c6a16b0202
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6a8db162e9c771134ba27281df5338087590bf3a00d1765ec3382c20628b345
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d29a1ebd16267d1a29ab0c9f8f9cf9622746342f140269e0b6f7b1c9b0d20f47
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0
e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529
e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eacfa8f55b323cbd47190382a9851e359181aae709d172d52b4da9303e86c56d
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc
f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97
fc61eef243fa47845cbb95d6c3078ad2fda22fa9924a1daaf535438b2ad299a6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ohiodems.org Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

80 %IPv6

20 Domains

28 Subdomains

26 IPs

4 Countries

3438 kBTransfer

7138 kBSize

17 Cookies

13 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ohiodems.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

80 %
IPv6

20
Domains

28
Subdomains

26
IPs

4
Countries

3438 kB
Transfer

7138 kB
Size

17
Cookies

83 HTTP transactions
6 data transactions