URL: https://ohiodems.org/
Submission: On September 05 via api from DE — Scanned from DE

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 68 HTTP transactions. The main IP is 2606:4700:10::6816:2c4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.
This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 ohiodems.org
ohiodems.org
4 MB
7 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 99351
379 KB
6 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4411
api.userway.org — Cisco Umbrella Rank: 4251
46 KB
6 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 72512
secure.ngpvan.com — Cisco Umbrella Rank: 198274
fastaction.ngpvan.com — Cisco Umbrella Rank: 139512
12 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
316 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
123 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
220 KB
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 477
p.typekit.net — Cisco Umbrella Rank: 588
16 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
ajax.googleapis.com — Cisco Umbrella Rank: 368
32 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 37557
44 KB
1 gstatic.com
fonts.gstatic.com
34 KB
68 12
Domain Requested by
26 ohiodems.org ohiodems.org
7 static.everyaction.com ohiodems.org
static.everyaction.com
5 cdn.userway.org ohiodems.org
cdn.userway.org
4 www.facebook.com ohiodems.org
4 secure.ngpvan.com static.everyaction.com
ohiodems.org
3 connect.facebook.net ohiodems.org
connect.facebook.net
3 www.googletagmanager.com ohiodems.org
www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 use.typekit.net ohiodems.org
use.typekit.net
2 fonts.googleapis.com ohiodems.org
1 api.userway.org cdn.userway.org
1 fastaction.ngpvan.com static.everyaction.com
1 js.verygoodvault.com static.everyaction.com
1 profile.ngpvan.com static.everyaction.com
1 fonts.gstatic.com fonts.googleapis.com
1 p.typekit.net use.typekit.net
1 ajax.googleapis.com ohiodems.org
68 18
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
static.everyaction.com
Amazon RSA 2048 M02
2023-05-09 -
2024-06-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-12-09 -
2023-12-08
a year crt.sh
1667503734.rsc.cdn77.org
R3
2023-08-01 -
2023-10-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-15 -
2023-09-13
3 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02
2023-02-28 -
2024-02-16
a year crt.sh
api.userway.org
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh

This page contains 3 frames:

Primary Page: https://ohiodems.org/
Frame ID: 522C807D98799DFF9C4E6CE445368AD5
Requests: 66 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9B21AD3BE07B0928BF9C16D71B383B5E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 91E1F67E6658082561B7A21C6D7F1547
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ohio Democrats - Fighting For Ohio Workers

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

68
Requests

99 %
HTTPS

87 %
IPv6

12
Domains

18
Subdomains

16
IPs

2
Countries

5473 kB
Transfer

7743 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ohiodems.org/
33 KB
9 KB
Document
General
Full URL
https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
016cf6964286906fff0e08ba2dc45e32a20dd736fa3d9a63ec0f9512afe5c119

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8021c83c891235e7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 22:06:56 GMT
link
<https://ohiodems.org/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.min.css
ohiodems.org/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
cloudflare
etag
"6c1237-19824-600d5209602c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8415d8435e7-FRA
content-length
13841
style.css
ohiodems.org/wp-content/themes/altitude-pro/
66 KB
13 KB
Stylesheet
General
Full URL
https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.4.0.8820231941
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab921da06ecb35081ec089df3e28f90c494b95c74e83f34a5c4f9c7f1e341fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 08 Aug 2023 19:41:38 GMT
server
cloudflare
etag
"6c594a-1097c-6026e8d304647-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8415d8535e7-FRA
content-length
13472
dashicons.min.css
ohiodems.org/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://ohiodems.org/wp-includes/css/dashicons.min.css?ver=6.3.1
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
etag
"6c1299-e688-5bca85cdbf580-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
8021c8415d8735e7-FRA
css
fonts.googleapis.com/
2 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ek+Mukta%3A200%2C800&display=swap&ver=1.5.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2042072ec6f2ac78692cf98ae5887fa72b4cf198a134a4f8cf02caa75aa3b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 22:06:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 22:06:56 GMT
jquery.min.js
ohiodems.org/wp-includes/js/jquery/
85 KB
30 KB
Script
General
Full URL
https://ohiodems.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
cloudflare
etag
"6c329c-155ba-5fc971b7d21c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8415d8935e7-FRA
content-length
30343
jquery-migrate.min.js
ohiodems.org/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://ohiodems.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
"6c3294-3509-5fdabee5f2100-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8415d8b35e7-FRA
content-length
4872
tug2lqm.css
use.typekit.net/
2 KB
866 B
Stylesheet
General
Full URL
https://use.typekit.net/tug2lqm.css
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
28538513491ea21835f3d8ff5dba38fba141112de1d87ba85b897d1ff8b5a51b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 05 Sep 2023 22:06:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
643
css2
fonts.googleapis.com/
5 KB
699 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b69072f7f0b585ab2784e9022892e5b88663f6b6b6b3dc966b6379193c67283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 22:06:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 22:06:56 GMT
hero_logo.png
ohiodems.org/wp-content/uploads/2022/06/
44 KB
44 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/06/hero_logo.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Jun 2022 13:20:02 GMT
server
cloudflare
etag
"6e1778-b01b-5e281e4e5e136"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2635e7-FRA
content-length
45083
Join-the-fight-2.png
ohiodems.org/wp-content/uploads/2023/08/
94 KB
95 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2023/08/Join-the-fight-2.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b59550d39e205168c3366061e6872803dcb6c7723e341262a463a6bd28f30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Aug 2023 19:24:42 GMT
server
cloudflare
etag
"8e5c5f-1795b-6026e50a17c61"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2735e7-FRA
content-length
96603
at.js
static.everyaction.com/ea-actiontag/
841 KB
236 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5bf37d61d58e36f965232ac877508e1f4782596a4254c977c34f3f26b1e6f22

Request headers

Referer
https://ohiodems.org/
Origin
https://ohiodems.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:37:32 GMT
content-encoding
gzip
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
26966
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
241421
last-modified
Tue, 05 Sep 2023 14:37:21 GMT
server
AmazonS3
etag
"a2b345cac8bcfa963d9c595c1bce263a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
sQf2XcAoRtMrOjBc4n0BXpU05RpMj7zwo2Yryq08ZhIhSK8qlaMXqQ==
at.min.css
static.everyaction.com/ea-actiontag/
59 KB
12 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c42b5cfef1ffd6c8c4817e45e57b83bbef81ce76cf8f2ad0e4129929c631cc3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:37:32 GMT
content-encoding
gzip
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
26966
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11513
last-modified
Tue, 05 Sep 2023 14:37:21 GMT
server
AmazonS3
etag
"189b1f6398ba789980af42bcb08b9ae6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
5UoIVl6OqTDD2VcQ4fa-dpLLcgHH2UZzdzqvhdYPxrESIGagYQvPbQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 08:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Sep 2024 08:15:50 GMT
overhanglogo.png
ohiodems.org/wp-content/uploads/2022/04/
9 KB
9 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/04/overhanglogo.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 19:53:06 GMT
server
cloudflare
etag
"6e0bcd-2463-5dc29f17409f9"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2835e7-FRA
content-length
9315
cutouts.jpg
ohiodems.org/wp-content/uploads/2022/04/
222 KB
222 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/04/cutouts.jpg
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 19:42:43 GMT
server
cloudflare
etag
"6e0bc4-376d6-5dc29cc585f9f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2b35e7-FRA
content-length
227030
foot_fb.png
ohiodems.org/wp-content/uploads/2022/07/
5 KB
5 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/07/foot_fb.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jul 2022 20:56:13 GMT
server
cloudflare
etag
"90384a-123b-5e3293316197f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2e35e7-FRA
content-length
4667
foot_tw.png
ohiodems.org/wp-content/uploads/2022/07/
6 KB
6 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/07/foot_tw.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jul 2022 20:56:14 GMT
server
cloudflare
etag
"90384d-1869-5e3293319f1e6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2f35e7-FRA
content-length
6249
foot_ig.png
ohiodems.org/wp-content/uploads/2022/07/
7 KB
7 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/07/foot_ig.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jul 2022 20:56:14 GMT
server
cloudflare
etag
"90384f-1b75-5e329331dab0c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b3035e7-FRA
content-length
7029
hoverIntent.min.js
ohiodems.org/wp-includes/js/
1 KB
815 B
Script
General
Full URL
https://ohiodems.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
etag
"6c2fbd-5db-5dc2a2438e980-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8471b1a35e7-FRA
content-length
706
superfish.min.js
ohiodems.org/wp-content/themes/genesis/lib/js/menu/
4 KB
2 KB
Script
General
Full URL
https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 16 Sep 2022 14:00:39 GMT
server
cloudflare
etag
"6e1196-1193-5e8cbc97281f8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8471b1c35e7-FRA
content-length
1894
superfish.args.min.js
ohiodems.org/wp-content/themes/genesis/lib/js/menu/
132 B
216 B
Script
General
Full URL
https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.4.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 16 Sep 2022 14:00:39 GMT
server
cloudflare
etag
"6e1199-84-5e8cbc97281f8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8471b1e35e7-FRA
content-length
132
skip-links.min.js
ohiodems.org/wp-content/themes/genesis/lib/js/
386 B
344 B
Script
General
Full URL
https://ohiodems.org/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.4.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 16 Sep 2022 14:00:39 GMT
server
cloudflare
etag
"6e1194-182-5e8cbc97281f8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2035e7-FRA
content-length
251
global.js
ohiodems.org/wp-content/themes/altitude-pro/js/
507 B
392 B
Script
General
Full URL
https://ohiodems.org/wp-content/themes/altitude-pro/js/global.js?ver=1.5.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 30 Mar 2022 19:06:34 GMT
server
cloudflare
etag
"6e1172-1fb-5db743e7a8a62-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2235e7-FRA
content-length
283
responsive-menus.min.js
ohiodems.org/wp-content/themes/altitude-pro/js/
4 KB
1 KB
Script
General
Full URL
https://ohiodems.org/wp-content/themes/altitude-pro/js/responsive-menus.min.js?ver=1.5.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 30 Mar 2022 19:06:34 GMT
server
cloudflare
etag
"6e1174-e64-5db743e8056cc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2435e7-FRA
content-length
1426
home.js
ohiodems.org/wp-content/themes/altitude-pro/js/
1 KB
637 B
Script
General
Full URL
https://ohiodems.org/wp-content/themes/altitude-pro/js/home.js?ver=1.5.0
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 30 Mar 2022 19:06:34 GMT
server
cloudflare
etag
"6e1173-444-5db743e7fca2b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8472b2535e7-FRA
content-length
551
e704b7c4-9b1b-47b3-8162-c16737f3ca0f
https://ohiodems.org/
1 KB
0
Other
General
Full URL
blob:https://ohiodems.org/e704b7c4-9b1b-47b3-8162-c16737f3ca0f
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/
148 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10127a844eb4a8359a75d34eac8d33830ff69060ec2e0e0d893c388091d97475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56933
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 21:08:39 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Sep 2023 22:06:57 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=tug2lqm&ht=tk&f=1757.1758&a=87808323&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
ODP_sherrod.mp4
ohiodems.org/wp-content/uploads/homevideo/
4 MB
4 MB
Media
General
Full URL
https://ohiodems.org/wp-content/uploads/homevideo/ODP_sherrod.mp4
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5098bd5ecb8d7f0804f2077fcf44aabc21eb1ae0b05a574ec0552b8f8aef1bad

Request headers

Referer
https://ohiodems.org/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
cf-cache-status
MISS
last-modified
Wed, 25 Jan 2023 19:21:04 GMT
server
cloudflare
etag
"6c25af-3c32f1-5f31b888dccd5"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-3945200/3945201
cache-control
max-age=14400
cf-ray
8021c8472b3235e7-FRA
Content-Length
3945201
navlogo.png
ohiodems.org/wp-content/uploads/2022/04/
3 KB
4 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/04/navlogo.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 19:17:59 GMT
server
cloudflare
etag
"6e0123-def-5dc2973e6d7fa"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8475b6a35e7-FRA
content-length
3567
splashex.png
ohiodems.org/wp-content/uploads/2023/06/
3 KB
3 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2023/06/splashex.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.4.0.8820231941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.4.0.8820231941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Wed, 07 Jun 2023 17:47:52 GMT
server
cloudflare
etag
"8e2760-a50-5fd8dbc28234b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8476b6f35e7-FRA
content-length
2640
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ohiodems.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:30:15 GMT
x-content-type-options
nosniff
age
329802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 02:30:15 GMT
l
use.typekit.net/af/8a5466/0000000000000000773598c3/30/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/8a5466/0000000000000000773598c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce

Request headers

Referer
https://use.typekit.net/tug2lqm.css
Origin
https://ohiodems.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
server
nginx
etag
"01fe4e911d7beee6e4b155fedcfa329f094a89d5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15544
extra.min.css
static.everyaction.com/ea-actiontag/
78 KB
14 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a47e2916bd0c4f859846dc2e13092e7f5de0c272dc85693679f97dcc19af31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:37:29 GMT
content-encoding
gzip
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
26969
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14188
last-modified
Tue, 05 Sep 2023 14:37:21 GMT
server
AmazonS3
etag
"683685d1fd122869fefe2d50f6d61662"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
88yjaXbdEyJxgqKgKswvdrFZLV0Hc174uFxTwdXNDUlPvvHzipCpMQ==
identity
profile.ngpvan.com/
0
631 B
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
reason
Returned 204 - No Content. Referrer not whitelisted
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express, ASP.NET
x-iinfo
7-78071462-78071465 NNNN CT(90 184 0) RT(1693951616366 9) q(0 0 3 0) r(4 4) U24
x-incap-sess-cookie-hdr
CEkGRCR1c23eFhUzTSiYA4Cm92QAAAAAfRUveDdrBJPCZj5qpohflQ==
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
42b39722b150fed4bde756606ccbf6ea13ede38ceed02db5cdf1f35cf4f1d1a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Sep 2023 22:06:57 GMT
via
1.1 ebfd02322356b60fe506d9cd1ca49956.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
120
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
2800
x-accel-date
1693948817
x-77-nzt
AcO1qhH2txf/8AoAAA
x-accel-expires
@1693952417
last-modified
Mon, 04 Sep 2023 19:04:17 GMT
server
CDN77-Turbo
etag
W/"5b5530934ed600495c8d5b0acee306f2"
x-77-nzt-ray
4c1562246dda1c0381a6f764d9563511
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
ZyeS8OgpKM51VH7u_l98wOy5w80NynKHbRpc67AlkdBae4eN1WCpzQ==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 21:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1354
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 05 Sep 2023 23:44:23 GMT
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 22:06:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
m9UrS2AkwbBbzByXWzuTKHB3wjU8mPh1sYj6k8x3De6fE7shoCPKlXiD6wtp5rC5L6UJQ1aTX+nY9wZaqNeOZw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
236 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be372f450b21e8c56336f850b3db26d68f7c6f3acfe407736a0467ddb9828139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83823
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 22:06:57 GMT
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/
134 KB
44 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding
gzip
Via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Date
Tue, 05 Sep 2023 22:06:03 GMT
X-Amz-Cf-Pop
FRA60-P4
Age
55
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Server
AmazonS3
ETag
W/"156be461dd96d02fce3792c020f7748a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Vary
Accept-Encoding
X-Amz-Cf-Id
x4OTXRtC76VIcEnBgLQ7DY4PTGmBd_9ib7dlhutWDAXG9c2m7htiSw==
KTTk2PpJHEiBRUFzu1RNBQ2
secure.ngpvan.com/v1/Forms/
12 KB
5 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/KTTk2PpJHEiBRUFzu1RNBQ2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e355843c91ae886ff6d3c07dc122b7bf291ea59305968f4646e605be85c7bce0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ohiodems.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
7-78071462-78071469 NNNN CT(90 183 0) RT(1693951616366 29) q(0 0 3 0) r(5 5) U18
content-length
4596
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ohiodems.org
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
TO/FE/lBQmTnFhUzTSiYA4Cm92QAAAAAJEvnFOfqtAfZhDPWLwxEOQ==
doublearrow.png
ohiodems.org/wp-content/uploads/2022/04/
1 KB
2 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/04/doublearrow.png
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.4.0.8820231941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.4.0.8820231941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Apr 2022 17:56:27 GMT
server
cloudflare
etag
"6e0019-5d0-5dc64a9d3c05d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8480bf535e7-FRA
content-length
1488
feature1.jpg
ohiodems.org/wp-content/uploads/2022/07/
177 KB
177 KB
Image
General
Full URL
https://ohiodems.org/wp-content/uploads/2022/07/feature1.jpg
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fb22fcea70a502339c4854999e5eb9dadb5440a303810535c64cf731d9c370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Jul 2022 15:05:18 GMT
server
cloudflare
etag
"901533-2c418-5e3d958a9c0c0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c8480bf735e7-FRA
content-length
181272
collect
www.google-analytics.com/j/
15 B
218 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1647985188&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=412909220&gjid=1763011111&cid=1382025363.1693951617&tid=UA-239877196-1&_gid=576899020.1693951617&_r=1&_slc=1&gtm=45He38u0n81W998DQN&z=1623995739
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ohiodems.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 22:06:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ohiodems.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
502143008408261
connect.facebook.net/signals/config/
136 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/502143008408261?v=2.9.125&r=stable&domain=ohiodems.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0981992a383bec43ee35d273655f5963d51a07865bc4c1b4e75f5a6ec1b83b1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 22:06:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
iEMh8iVsULm518P/3Is8LrRGEMxtJ6UMoTKub6pQZKHBptWUP2EUS4tqfKdGk3zKOYoXNO3UXfYZ2gk84oFDHw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SYH1Q91FVJ&gtm=45je38u0&_p=1647985188&cid=1382025363.1693951617&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693951617&sct=1&seg=0&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 22:06:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ohiodems.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
236 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97d275d12195537a0c2da2bc41bbcda0501cae588c4e3cb0ac37920381bc6899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83577
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 22:06:57 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JQFF480XQ0&gtm=45je38u0&_p=1647985188&ul=en-us&sr=1600x1200&cid=1382025363.1693951617&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sid=1693951617&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 22:06:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ohiodems.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1125958801654956
connect.facebook.net/signals/config/
137 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1125958801654956?v=2.9.125&r=stable&domain=ohiodems.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
59aa2902de5c0185df827e4913197533bbeb5ccca60bf1c11007c3fea069e1f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 22:06:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
aqRwFcu/mf0ybIeXuOlIn36ioM993F+SvQb0DUprL7XvKKouEyKZKCdaVR7tpXKWCj2nHYqTL3iTnuIubcmeLQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=502143008408261&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1693951617701&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1693951617700.729263063&it=1693951617328&coo=false&rqm=GET
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 05 Sep 2023 22:06:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1125958801654956&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1693951617702&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693951617700.729263063&it=1693951617328&coo=false&rqm=GET
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 05 Sep 2023 22:06:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
identity
fastaction.ngpvan.com/api/v1/
182 B
862 B
Script
General
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1693951617730=
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
b0c61b00d0513db21b9ca05271bf639ab1eaf56e5d02b4d401ec2dc0e78350b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"b6-bP1lUYh9Ajbi/luI0aUxxjmZ6uc"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding,Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo
7-78071462-78071482 NNNY CT(90 184 0) RT(1693951616366 482) q(0 0 0 0) r(1 1) U4
x-incap-sess-cookie-hdr
0JI8J2OA4nG4FxUzTSiYA4Cm92QAAAAAkpgsouwZeky0WoER8RoAFA==
content-length
293
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
intlTelInput.min.css
static.everyaction.com/ea-actiontag/assets/styles/
19 KB
20 KB
Stylesheet
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:39:44 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 18:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
1634
etag
"7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
19755
x-amz-cf-id
3wlP4uWY4Gv5RMjKJiHplm6E0Iyg7vWJ2z8nK8nW5SGVLDUlMq5XqQ==
KTTk2PpJHEiBRUFzu1RNBQ2
secure.ngpvan.com/v1/Track/
0
191 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/KTTk2PpJHEiBRUFzu1RNBQ2?formSessionId=d0d80e14-0318-43c3-934a-afc0249f2cf7&bName=chrome&dType=desktop&formVersion=8/8/2023%207:22:36%20PM|&fUrl=aHR0cHM6Ly9vaGlvZGVtcy5vcmcv&fRef=
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Tue, 05 Sep 2023 22:06:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
7-78071462-78071469 PNNN RT(1693951616366 474) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
x-incap-sess-cookie-hdr
9oZ4ZwAwGGfnFhUzTSiYA4Cm92QAAAAAic2WobNt6jc4SFXZoygVwQ==
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
wp-emoji-release.min.js
ohiodems.org/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://ohiodems.org/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
"6c3a14-4904-5f3acfe01ab40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8021c84b5f7a35e7-FRA
content-length
5039
intlTelInput.js
static.everyaction.com/ea-actiontag/assets/js/
87 KB
21 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 08:54:23 GMT
content-encoding
gzip
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2553154
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20855
last-modified
Tue, 11 Apr 2023 14:36:16 GMT
server
AmazonS3
etag
"0d84f90a2a517cacd498722e0fe0500e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LDWlI6LmT70w01MUPMJRnDVaBeO1-EkpC1KtPtkcxpuy_5ah3Ses5g==
intl-tel.input.utils.js
static.everyaction.com/ea-actiontag/assets/js/
245 KB
55 KB
Script
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 11:33:08 GMT
content-encoding
gzip
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2543630
x-cache
Hit from cloudfront
content-length
56004
last-modified
Tue, 12 Apr 2022 14:33:00 GMT
server
AmazonS3
etag
"4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oJSZfD0ihwMNzBtL9x6ivo4BGvbJRPAbkWxjjZVAZS-FcJDzLWJCZA==
widget_app_base_1693854018837.js
cdn.userway.org/widgetapp/2023-09-04/
135 KB
40 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2023-09-04/widget_app_base_1693854018837.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7c7bbf1849663ba8ef24b1d6da018b87fab7be4d8435c11dc91a512720a4fcac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Sep 2023 22:06:57 GMT
via
1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
34
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
96512
x-accel-date
1693855105
x-77-nzt
AcO1qhFvbkz/AHkBAA
x-accel-expires
@1719775105
last-modified
Mon, 04 Sep 2023 19:04:11 GMT
server
CDN77-Turbo
etag
W/"dea2c0a44d184efa03aa6be523005455"
x-77-nzt-ray
4c1562246dda1c0381a6f76471b6db30
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
aDB0dWeC_-PYfxTFMRuoyQ-jSpCLZjW4W5JhuhM8HUf1ucjs-Md8Fg==
VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Forms/
12 KB
5 KB
XHR
General
Full URL
https://secure.ngpvan.com/v1/Forms/VcPCd5Dn0Ua_PjWti7X70w2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ohiodems.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
7-78071462-78071469 PNNN RT(1693951616366 553) q(0 0 0 -1) r(1 1) U18
content-length
4497
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ohiodems.org
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
GhTFJL1rpCPnFhUzTSiYA4Gm92QAAAAAUkMiOz5Egp5J+RnFKXx0hA==
R4wkoOZoql
api.userway.org/api/tunings/
487 B
874 B
XHR
General
Full URL
https://api.userway.org/api/tunings/R4wkoOZoql
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-04/widget_app_base_1693854018837.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:cc58:ec6b:2855:e8e7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e67519d514077b3443b7f138f02cd0e34510b85ec336d431b81dd25a41f6367

Request headers

Referer
https://ohiodems.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 05 Sep 2023 22:06:58 GMT
etag
W/"1e7-kH0M1o6JKy+RHBcNGgMiGGVMgTI"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr3edb4e563dd04d3
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
487
x-service-version
uw-pr
flags.png
static.everyaction.com/ea-actiontag/assets/images/
20 KB
20 KB
Image
General
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/flags.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 10:50:22 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
22850196
x-cache
Hit from cloudfront
content-length
20389
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_Pd1gjh4F-FnkduZJlnFhc-S-4su0Y9fpm17fGL7umNVF6ueMBYZPA==
VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Track/
0
167 B
Image
General
Full URL
https://secure.ngpvan.com/v1/Track/VcPCd5Dn0Ua_PjWti7X70w2?formSessionId=2ecb179f-65cd-4546-a36e-4cc2ccd91053&bName=chrome&dType=desktop&formVersion=6/30/2023%208:50:13%20PM|8/17/2022%202:52:39%20PM&fUrl=aHR0cHM6Ly9vaGlvZGVtcy5vcmcv&fRef=
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Tue, 05 Sep 2023 22:06:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
7-78071462-78071469 PNNN RT(1693951616366 701) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
x-incap-sess-cookie-hdr
tzQGZ2Saj2bnFhUzTSiYA4Gm92QAAAAAoCqTnlV+1Sz0WQ2ePmGdag==
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
/
www.facebook.com/tr/ Frame 9B21
0
69 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ohiodems.org
Referer
https://ohiodems.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ohiodems.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 22:06:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 91E1
0
31 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ohiodems.org
Referer
https://ohiodems.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ohiodems.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 22:06:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
en-US.json
cdn.userway.org/widgetapp/2023-09-04-19-00-18/locales/
500 B
923 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2023-09-04-19-00-18/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-04/widget_app_base_1693854018837.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Sep 2023 22:06:58 GMT
via
1.1 047bd08beb708919e51605064d34f6ec.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
35
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
96508
x-accel-date
1693855110
x-77-nzt
AcO1qhECjgb//HgBAA
x-accel-expires
@1719775110
last-modified
Mon, 04 Sep 2023 19:04:11 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
4c1562243dd0251482a6f7643b6bad19
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
67g97bUfAkpMCA1QsM-DcpD5zljmHKB98ogscyOkbtGDVlcyyxiLuQ==
wheel_left_wh.svg
cdn.userway.org/widgetapp/images/
935 B
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/wheel_left_wh.svg
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
00cd608f9c6b99a47846bd152d76b976c269088c660b53bc6c6e1c252c394aa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Sep 2023 22:06:58 GMT
via
1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
362
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
7132631
x-accel-date
1686818987
x-77-nzt
AcO1qhGcl5f/19VsAA
x-accel-expires
@1712738987
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"9f8663d43c09deecb6876f09ecc4a6ec"
x-77-nzt-ray
4c1562246dda1c0382a6f764b00d2f37
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
_YD92JMQ-Y6d1NAkMJIIkGb2wBlzhrDkvL1Hgzh_Zq-ViAwIF335sQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: ohiodems.org
URL: https://ohiodems.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ohiodems.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Sep 2023 22:06:58 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
429
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
7132634
x-accel-date
1686818984
x-77-nzt
AcO1qhFkzf3/2tVsAA
x-accel-expires
@1712738984
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
4c1562246dda1c0382a6f7646fbc3537
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
3-d562hUF3b2u9thgqBziH84kLN8KO4gp6LhwwhHdJm4BZH507z6Nw==

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _wpemojiSettings function| $ function| jQuery object| dataLayer function| _ object| CSSModal object| nvtag object| Backbone object| _gaq function| _jqjsp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| UserWayWidgetApp object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| VgForm object| SecureForm object| VGSCollect object| formview function| ga_skiplinks object| genesis_responsive_menu object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| twemoji object| wp object| UserWay

10 Cookies

Domain/Path Name / Value
.ohiodems.org/ Name: __cf_bm
Value: tmsjSnfLiAy1Vk4K5b4En5hiPSb6YQNweirQTjyPPmE-1693951616-0-AdMuIWA3/bWvmlkXj4Z7+JDwzKDPafcnUYz0Tb5pWbukHtw1BrJ33UJJcaVUWje2cB1EqI3DIzc7LDJ2V/13eys=
.ohiodems.org/ Name: _gid
Value: GA1.2.576899020.1693951617
.ohiodems.org/ Name: _gat_UA-239877196-1
Value: 1
.ohiodems.org/ Name: _ga_SYH1Q91FVJ
Value: GS1.1.1693951617.1.0.1693951617.0.0.0
.ohiodems.org/ Name: _ga
Value: GA1.1.1382025363.1693951617
.ohiodems.org/ Name: _ga_JQFF480XQ0
Value: GS1.2.1693951617.1.0.1693951617.0.0.0
.ohiodems.org/ Name: _fbp
Value: fb.1.1693951617700.729263063
.ngpvan.com/ Name: visid_incap_1002065
Value: fN+me4r4S0eHcaM66mDqdoCm92QAAAAAQUIPAAAAAAA3jyitF0QbCo+eozvl5g5o
.ngpvan.com/ Name: nlbi_1002065
Value: YZy4dNTcoUImm9Hf0IOYSwAAAAADepVNKrIKO3F81X/QlvlA
.ngpvan.com/ Name: incap_ses_259_1002065
Value: Ue+9PgOOmW/nFhUzTSiYA4Cm92QAAAAAvt95ukjBfl/vpRwj3v2Amw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.userway.org
cdn.userway.org
connect.facebook.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
ohiodems.org
p.typekit.net
profile.ngpvan.com
region1.google-analytics.com
secure.ngpvan.com
static.everyaction.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
18.66.147.109
2001:4860:4802:32::36
2600:1f14:5db:eb11:cc58:ec6b:2855:e8e7
2600:9000:2490:2800:3:1d53:4780:93a1
2606:4700:10::6816:2c4c
2a00:1450:4001:803::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a02:26f0:3500:16::215:1495
2a02:6ea0:c700::19
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
45.60.33.183
00cd608f9c6b99a47846bd152d76b976c269088c660b53bc6c6e1c252c394aa0
016cf6964286906fff0e08ba2dc45e32a20dd736fa3d9a63ec0f9512afe5c119
0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a47e2916bd0c4f859846dc2e13092e7f5de0c272dc85693679f97dcc19af31f
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
10127a844eb4a8359a75d34eac8d33830ff69060ec2e0e0d893c388091d97475
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
28538513491ea21835f3d8ff5dba38fba141112de1d87ba85b897d1ff8b5a51b
28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702
2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3
2b69072f7f0b585ab2784e9022892e5b88663f6b6b6b3dc966b6379193c67283
3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce
42b39722b150fed4bde756606ccbf6ea13ede38ceed02db5cdf1f35cf4f1d1a4
43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4e67519d514077b3443b7f138f02cd0e34510b85ec336d431b81dd25a41f6367
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5098bd5ecb8d7f0804f2077fcf44aabc21eb1ae0b05a574ec0552b8f8aef1bad
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad
59aa2902de5c0185df827e4913197533bbeb5ccca60bf1c11007c3fea069e1f3
5ab921da06ecb35081ec089df3e28f90c494b95c74e83f34a5c4f9c7f1e341fb
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199
6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4
6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8
6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927
7c7bbf1849663ba8ef24b1d6da018b87fab7be4d8435c11dc91a512720a4fcac
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
82b59550d39e205168c3366061e6872803dcb6c7723e341262a463a6bd28f30a
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
97d275d12195537a0c2da2bc41bbcda0501cae588c4e3cb0ac37920381bc6899
98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a2042072ec6f2ac78692cf98ae5887fa72b4cf198a134a4f8cf02caa75aa3b8d
a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
b0c61b00d0513db21b9ca05271bf639ab1eaf56e5d02b4d401ec2dc0e78350b0
b9fb22fcea70a502339c4854999e5eb9dadb5440a303810535c64cf731d9c370
be372f450b21e8c56336f850b3db26d68f7c6f3acfe407736a0467ddb9828139
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c42b5cfef1ffd6c8c4817e45e57b83bbef81ce76cf8f2ad0e4129929c631cc3f
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e355843c91ae886ff6d3c07dc122b7bf291ea59305968f4646e605be85c7bce0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f0981992a383bec43ee35d273655f5963d51a07865bc4c1b4e75f5a6ec1b83b1
f5bf37d61d58e36f965232ac877508e1f4782596a4254c977c34f3f26b1e6f22
f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d