URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Submission: On April 03 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 64 HTTP transactions. The main IP is 104.16.53.111, located in and belongs to CLOUDFLARENET, US. The main domain is paidleavecontact.oregon.gov.
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.
This is the only time paidleavecontact.oregon.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 104.16.53.111 13335 (CLOUDFLAR...)
22 104.18.70.113 13335 (CLOUDFLAR...)
14 104.18.72.113 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
14 74.208.54.178 8560 (IONOS-AS ...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 1 104.16.51.111 13335 (CLOUDFLAR...)
64 7
Apex Domain
Subdomains
Transfer
36 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2084
p23.zdassets.com — Cisco Umbrella Rank: 42970
theme.zdassets.com — Cisco Umbrella Rank: 11958
697 KB
20 oregon.gov
paidleavecontact.oregon.gov
paidleave.oregon.gov
124 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
272 KB
1 zendesk.com
oedhelpdesk.zendesk.com
792 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 756
30 KB
64 5
Domain Requested by
22 static.zdassets.com paidleavecontact.oregon.gov
static.zdassets.com
14 paidleave.oregon.gov paidleavecontact.oregon.gov
paidleave.oregon.gov
12 theme.zdassets.com paidleavecontact.oregon.gov
6 paidleavecontact.oregon.gov static.zdassets.com
p23.zdassets.com
paidleavecontact.oregon.gov
3 cdnjs.cloudflare.com paidleavecontact.oregon.gov
cdnjs.cloudflare.com
2 p23.zdassets.com paidleavecontact.oregon.gov
1 oedhelpdesk.zendesk.com 1 redirects
1 code.jquery.com paidleavecontact.oregon.gov
64 8
Subject Issuer Validity Valid
oedcontactus.oregon.gov
R3
2023-02-16 -
2023-05-17
3 months crt.sh
zdassets.com
Cloudflare Inc ECC CA-3
2022-11-10 -
2023-11-09
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
paidleave.cascadewebdev.com
R3
2023-03-29 -
2023-06-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh

This page contains 2 frames:

Primary Page: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Frame ID: 623FF7C13B303D3C46FEE11CEDD09F44
Requests: 61 HTTP requests in this frame

Frame: https://paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680523200
Frame ID: 4DCE7F48E04E8EF593500A47083A964C
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Submit a request – Paid Leave Oregon

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

92 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

1123 kB
Transfer

3300 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://oedhelpdesk.zendesk.com/auth/v2/host/without_iframe.js HTTP 302
  • https://static.zdassets.com/auth/d45e11e2da81e75fb2c3e2ee3081e4b450dabc46/v2/host-without-iframe.js

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request new
paidleavecontact.oregon.gov/hc/en-us/requests/
60 KB
14 KB
Document
General
Full URL
https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2be906e5e6c1e2f0523b039c0a631409eb5a594d5f6b445185bc6e0d3fdabf
Security Headers
Name Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, public
cf-cache-status
MISS
cf-ray
7b223ccabf149b64-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 15:10:17 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vW2BfALjQOisNjM8GCDBszoKMXRrOzaaFL7bHB1lgLw%2FCuzwmRqnG5SuVP1IwNmyLyYSytjQrWmuyLI8wAyQxQgzUq9Qb2FKgOZbqcInyJoMilWrBq5VODtok%2BYoj1Io6oUae5EOXlxRyT219w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200;
vary
Accept-Encoding
x-cached
MISS
x-frame-options
SAMEORIGIN
x-request-id
7b223ccaf3f69b64-IAD
x-runtime
0.532252
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
x-zendesk-origin-server
help-center-unicorn-requests-5c867b656d-q9mtr
application-4457e15fd2317df56adee04580b8726d.css
static.zdassets.com/hc/assets/
51 KB
9 KB
Stylesheet
General
Full URL
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc636604544107c8c011720278a208a6d21ecb0a2b6f4fcf123bcce80b4fda54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:17 GMT
x-amz-version-id
Vs2dX_YDZkTzICtK9VrWznRiqA7oaBKZ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
NJCP8DDPAT111QQE
age
22774
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
qdVs1nzAWJoMud36OprKICScs1xLX62I4/M3hwGiFMxP/Z5e0Dn79jTYNBOIAOr1g3rWBFw7TGQ=
last-modified
Mon, 20 Mar 2023 08:46:43 GMT
server
cloudflare
etag
W/"ffa92307bd4f21a5d1f78ae672a2bdda"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZLOtB9YHbPG76ISaLZv73%2FklxraeAGTDkq1hE1RHRpU3w%2BYAX9O3jsRR0LmH3Mj5RTdcbp7PRzB4jST3FX9P23IA5KgQtXds0ujrdxyFWmJU6%2F9jiy43kbokVVfAURbokBAkyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7b223ccf7c289972-FRA
style.css
p23.zdassets.com/hc/theming_assets/10522802/6128045806743/
95 KB
18 KB
Stylesheet
General
Full URL
https://p23.zdassets.com/hc/theming_assets/10522802/6128045806743/style.css?digest=13353930874647
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f11f4357af153d487fc79419cf374fee90180540f7e5f9373d14b0974dacf8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:17 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
help-center-unicorn-6dcc95fdb-9jlzd
protocol
HTTP/1.1 always
x-request-id
7b21fbd4cda42ef6-LAX
x-ua-compatible
IE=edge
x-runtime
0.015246
server
cloudflare
etag
W/"c4f11f4357af153d487fc79419cf374f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glYEibHhhTCUagGkr0aIhpI71hTR2VDKpjv%2Bu4nHqChcQP2Vebo0BGswR2SjtJpVtcEaErJr%2FSfegW2p87aXPS1vY%2FGjjQxVmkjzC2qYxhLC0vcHi25RgO%2FcR%2BuhIAcxxpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p23.zdassets.com
cf-ray
7b223ccf6e5c2c25-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://paidleavecontact.oregon.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5313507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18716
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-491c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncanoH6Lcb9INtvdafd9yEaSExrXiD5nbCXlMTIihILD86rYJY8srijlZ35v%2F1YN4mc1Hr8SQYmrPiGb3y2Mb9jCkfIyPl85V4X0meIxIcpCSy9EK5seJus%2B1DsR71BOCtEOOPR3R%2BUwtM2S8ngEfUpm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b223ccf58783aa0-FRA
expires
Sat, 23 Mar 2024 15:10:17 GMT
animate.min.css
paidleave.oregon.gov/assets/vendor/animate.css/
70 KB
5 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/animate.css/animate.min.css?m=0405860d06b5df26e3398f117ed14e2f
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
5270
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 04 Oct 2022 21:10:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
bootstrap.css
paidleave.oregon.gov/assets/vendor/bootstrap/css/
233 KB
30 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/bootstrap/css/bootstrap.css?m=62af5a78241ad67390fd01b2c42de08a
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5869a422faea055cd10a81258d76eb17fa4d124192d3685fc5a82a74e882b100
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
30002
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Oct 2022 20:08:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
bootstrap-icons.css
paidleave.oregon.gov/assets/vendor/bootstrap-icons/
92 KB
13 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/bootstrap-icons/bootstrap-icons.css?m=8d055be5bce9723c17397c99adde5ccf
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
461c3d93c1e545632b0e4a4b312e59ea4bcba635311cf2f24d2fd40e7fde09c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
12665
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 13 Dec 2022 22:34:35 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
boxicons.min.css
paidleave.oregon.gov/assets/vendor/boxicons/css/
65 KB
12 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/boxicons/css/boxicons.min.css?m=a0174fdeb6dbe8ce129a48fd3d1b8e53
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
12157
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 04 Oct 2022 21:10:15 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
glightbox.min.css
paidleave.oregon.gov/assets/vendor/glightbox/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/glightbox/css/glightbox.min.css?m=a0174fdeb6dbe8ce129a48fd3d1b8e53
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
2568
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 04 Oct 2022 21:10:15 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
remixicon.css
paidleave.oregon.gov/assets/vendor/remixicon/
108 KB
15 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/remixicon/remixicon.css?m=0405860d06b5df26e3398f117ed14e2f
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
14609
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 04 Oct 2022 21:10:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
swiper-bundle.min.css
paidleave.oregon.gov/assets/vendor/swiper/
16 KB
5 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/vendor/swiper/swiper-bundle.min.css?m=1fe3dedae6d2b3284bbf1981673b8339
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
c8e751b1ffd87fa9baf29fad41f37b99a8d48654c38768b7737621ed1606d0b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
4578
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 30 Jan 2023 21:51:51 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
style.css
paidleave.oregon.gov/assets/css/
59 KB
11 KB
Stylesheet
General
Full URL
https://paidleave.oregon.gov/assets/css/style.css?m=1fe3dedae6d2b3284bbf1981673b8339
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
05f54dc7ff22d4cfefdab10964e5563bcd23e7f3a4f54deeb2dc555093483769
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
11287
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Mar 2023 17:50:10 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
language_contents.css
paidleave.oregon.gov/cust/language_contents/assets/css/
244 B
201 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/language_contents/assets/css/language_contents.css?m=6ebfcb60962ff2b16c947c8b5559c136
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
31a1e13a09085c6d1a113a9f43e72e8585eba1d26e11ee1ef5b2f9e701465316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
161
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Sep 2022 22:42:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
form_submissions.css
paidleave.oregon.gov/cust/form_submissions/assets/css/
311 B
249 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/form_submissions/assets/css/form_submissions.css?m=6ebfcb60962ff2b16c947c8b5559c136
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
31fc89d965487bc00d1b13ca8709acc48021318d675603488ecf06f13223cb97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
209
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Sep 2022 22:42:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
languages.css
paidleave.oregon.gov/cust/languages/assets/css/
244 B
270 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/languages/assets/css/languages.css?m=6ebfcb60962ff2b16c947c8b5559c136
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
31a1e13a09085c6d1a113a9f43e72e8585eba1d26e11ee1ef5b2f9e701465316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
161
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Sep 2022 22:42:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
site_tools.css
paidleave.oregon.gov/cust/site_tools/assets/css/
2 KB
704 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/site_tools/assets/css/site_tools.css?m=03a4dfb3edbef88161dfc79c340d705d
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
85866241056d84cf1d39a63e478fa49a0347dab9261cd9bc172037541182f714
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
640
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 05 Dec 2022 22:15:02 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
videos.css
paidleave.oregon.gov/cust/videos/assets/css/
563 B
347 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/videos/assets/css/videos.css?m=6ebfcb60962ff2b16c947c8b5559c136
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
54f976ac43fdffa9d8e9f06064b693247d2265171e9b5ddac0b631db3e068114
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:18 GMT
cross-origin-resource-policy
cross-orgin
content-length
306
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Sep 2022 22:42:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:18 GMT
calculator_rates.css
paidleave.oregon.gov/cust/calculator_rates/assets/css/
244 B
224 B
Stylesheet
General
Full URL
https://paidleave.oregon.gov/cust/calculator_rates/assets/css/calculator_rates.css?m=752c37b48743decbcd8ef8f529e806b8
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.208.54.178 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
31a1e13a09085c6d1a113a9f43e72e8585eba1d26e11ee1ef5b2f9e701465316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 15:10:17 GMT
cross-origin-resource-policy
cross-orgin
content-length
161
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Dec 2022 23:41:10 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
pguise.stage.cascadewebdev.com
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 10 Apr 2023 15:10:17 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://paidleavecontact.oregon.gov/
Origin
https://paidleavecontact.oregon.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:17 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1680534617.dop210.fr8.t,1680534617.cds278.fr8.hn,1680534617.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
e1c3d56080724b4ce3117414ab8e1fdfc049dd4c.png
theme.zdassets.com/theme_assets/10522802/
46 KB
46 KB
Image
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/e1c3d56080724b4ce3117414ab8e1fdfc049dd4c.png
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d379d3827191fbf7ab5ed73b75a916d9cbc40a47f1251f9b6a2362051d71570
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
vja_4Jd1mMDf4r71UJQRlNvkgVgkr2ZP
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
47081
last-modified
Mon, 30 Jan 2023 15:35:05 GMT
server
cloudflare
etag
"3d281e729b82de0aab1f508509724a1e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keCTejhmxKQiia5crmOjaW72gi9gMq6A%2FhNVAKiJZ3qxDcUhK5WPc4AZI6iQAa5axpSDsoAAmbbMzrhruG4lEGCBEAku4vjUEUNH5BMWd4gzzZ5hMmWA99zlyZ7QVQC9q525UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
7b223cd4aea42c25-FRA
x-amz-cf-id
xv11K1x3OrBF3EytOIJb_MY491DpGZzcWzLYySyYUo0S0n1L4eDFSw==
ec3469b96a5c364e6cfb8bcd0801cfc000ad1a54.svg
theme.zdassets.com/theme_assets/10522802/
575 B
822 B
Image
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/ec3469b96a5c364e6cfb8bcd0801cfc000ad1a54.svg
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b4339a9e015c0001e0ca7dcea64cd990a7d53867a6f38a83288b52c6ceb58a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
.wVjgCp8dDK1fIu3yxavvSc_O2d2Lj9L
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 30 Jan 2023 15:34:59 GMT
server
cloudflare
etag
W/"e7c019c7dc6586746f797327cdd2b452"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le01e1HeVc%2Fpsdm%2Fb79SOfcXGsFCeph3jwyGapy84S%2B%2FIIsjpQTyE3LXiSCXDckwuc%2BElEP9BQ5MAarDx%2FKOqjLFD0SNn36zwS5D9QitrDDwcEFcN7baxJfw8qd6gn67zpdjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray
7b223cd4aea62c25-FRA
x-amz-cf-id
9WzcwapPHEZsfcO4FB9sc1L0CWp_Y_hbQWCWYAZXnZoXmpqwe41SxA==
5111b88ba8daacc37cc44cdd7f2d44203b750a65.svg
theme.zdassets.com/theme_assets/10522802/
381 B
988 B
Image
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/5111b88ba8daacc37cc44cdd7f2d44203b750a65.svg
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58d7d0261223bf32f453d861e5eee009a8cfc8e24661fd4fcf4a17eb2993182
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
LHWCEqPjl5EhmHz_D4.6pfs.InqxXSlg
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 30 Jan 2023 15:34:52 GMT
server
cloudflare
etag
W/"ca6d634894e4da55848a9f1bf1d67904"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eAspQv5MLDydrra%2B%2FOeIsLmqiGfa34LeIPzrZzLwumFh%2FZ%2BwCv7XICq1dKavBs4E%2BrD3z913Lta7UAlbWJcOvkNB2SJfMcKajxsHVMxgZbC6p4qBVVSlIcICK2QXHSFXMjGfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray
7b223cd4aea52c25-FRA
x-amz-cf-id
oX0smiVle8mItYzX7wYJXE85SyfJaXnJTS2DT96XgpXJXW6xg8nWMw==
91cdba32f90f92986ee7d2c19c056f066d639829.svg
theme.zdassets.com/theme_assets/10522802/
57 KB
42 KB
Image
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/91cdba32f90f92986ee7d2c19c056f066d639829.svg
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd7849501e529e1f8de5b079dc73ca7b78084c7e372b785531b999cc6f206dd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
NXnU.Xva0Yvylk.HLlYOWRkec0CjBmiO
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 02:20:00 GMT
server
cloudflare
etag
W/"71db7f6675280f8fb5f63c5b47d08a16"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNfWxVucXT2TofcF1l6mvMH%2Br02rfWDt4yapWru3wIEFQU9MJaGryqAwGIhFwo4iOu1QMKx6VmeW3oVSZ%2Fr6MR3lmtjV2mRvC1iqKiumxinj5ynx%2F5i5NiDEGSOBZO9%2F4bCn9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd8de6b2c25-FRA
x-amz-cf-id
I9Vod3Nm3rF6Mqh4LuGI0s7yon3LcED8IpBuKrmT17uQSaT0E25Vow==
ebbeed7b9ba7cf3785116e701195edc11df823c7.svg
theme.zdassets.com/theme_assets/10522802/
26 KB
20 KB
Image
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/ebbeed7b9ba7cf3785116e701195edc11df823c7.svg
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f321f98a0b476b2db4b404d206800619635c3e0ab10e067ef4dba39346d23f86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
au1vpJX7Q9qzPl_jO4hlI5yOi7cuORkH
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 02:19:48 GMT
server
cloudflare
etag
W/"793824c5d26f41062cbab1e7684029ea"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsHrhytWWfV%2BawRcMdYI19slP2Ia8NdEnxgtrTl6wSxF7s4mA%2FoffOW0xm3%2FE4pu4nUjZZXWnKKtlj2O4ucOEEuJHZLN45z1Y2Lc5Fpw1tThnp70E8hfm%2F4iF0jKSvA%2BxqT1TA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd8fe9c2c25-FRA
x-amz-cf-id
jlEHUFKbu-qmsCrs9o71INHWErvjSe57YvmXS_pXx0BG0fm4yix4vg==
077f79d84527d7c449112df06d047565553c6594.js
theme.zdassets.com/theme_assets/10522802/
5 KB
3 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/077f79d84527d7c449112df06d047565553c6594.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b68e5ade742f1c41e98d4a7052dcfa69de8a5961c32144adee15091099060ff
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
QeKlWMNEuI.TzxCDs2ec8LUJZzvoM6VB
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:35:25 GMT
server
cloudflare
etag
W/"a337c9af93cd71a7a9517921879be5ec"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnsXL66SrZo1uiyRoDUSVZk%2F5OZ3VxZl7o6Qn1RH5vvwKUt0G8cICZwzywCacZK3h7BbITpUvgxkDzI3u1W2jiOHpCN8IE27XEZZkx%2B83TYqV1vvIhXvJjJAtQSUy8C9WjlyUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd42dc42c25-FRA
x-amz-cf-id
Fpo7ltg8SH3Zcs4IDot0TG3lp3OgrszC2Jl6pogYh6yL6QLrSL7uxg==
77bcf0c882fa4be8fbead35052c39a944f9035e3.js
theme.zdassets.com/theme_assets/10522802/
79 KB
24 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/77bcf0c882fa4be8fbead35052c39a944f9035e3.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
9drpo_hLVaZU5LjbgEpUzE6T5zHRC.5b
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:36:44 GMT
server
cloudflare
etag
W/"9afc1e0eba9521f29775ad2f6ace3f1f"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XawpS9Hdli51N9JgP8b9zt4PPNzGG4yeT11bVq9MbXvqxvzC1F7FFAWRRMCdHXxSs03S5a571uDvx2ms6G4hWtD5q7QACosG98BOyodi2TnOuk8WSG5kjegPbdaGkKQH64KdDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd46e3c2c25-FRA
x-amz-cf-id
rusy1xguQ-06hwNPIJtdoI_q3PQQnovCHGnNMcxjqVmIe6s--fALBA==
7c58d3bcb1c2ade0657cfd1642cb30d8b68e0917.js
theme.zdassets.com/theme_assets/10522802/
55 KB
16 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/7c58d3bcb1c2ade0657cfd1642cb30d8b68e0917.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03dfe1fbce92a9f17fcd1a1501213bd820d050ab085c338419ab06a3631c9459
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
EsvcgxdQMRhUE8UQvUBCMg3cRx_vgNKk
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:38:16 GMT
server
cloudflare
etag
W/"2b4c8cbaade24ecb58bcb0d89694ccee"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xits4FRuq9FeIdmPyyU205sSq%2Bfr1o8j97ja5rQl8%2BqR4fhTikBBJjD4MTEz0B0XlLXw%2FErN4aQuMECmfPwvmI1C%2BDONOtWNO15%2FgHqz5ot3mMUzS%2Fd%2FrqD10tpuai4MIPMcuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd47e5c2c25-FRA
x-amz-cf-id
hkE5MOruOUupCMQqa7wJbv7y1XU3edvXsUxbZNSeXOblyhh_m06X-w==
286b647921b2f4f5915a3b4ed82b304c4d4da216.js
theme.zdassets.com/theme_assets/10522802/
140 KB
40 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/286b647921b2f4f5915a3b4ed82b304c4d4da216.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
AE4u3AmcrY0eh9O6bZl.1aX_K8d7wnD7
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:41:19 GMT
server
cloudflare
etag
W/"c44016a358a170c6e50897090ac26e4d"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At1aDDXVqBkx1OKRvdQbMSU2%2FXs3gJQX4R4JK49rJSUy6kLEZavX8b%2BRyYvGDqCB4dWSFv2E5E7dfV5T9NwoSB4IkSVXGEQboZ%2Bs6QG%2BclpgX9KVA10YZYn8hsmFV5lWE46o8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd47e5f2c25-FRA
x-amz-cf-id
tmv0nTFXoYVe6E2G8J3-fhtkiSszP3-AZa7suaHRC0xVvyCH2z8TkA==
e5002faa25f3a0593f0726eb63f88589b33a551b.js
theme.zdassets.com/theme_assets/10522802/
16 KB
5 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/e5002faa25f3a0593f0726eb63f88589b33a551b.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81adc728ca372f7241aa26bdc63564be15b456d8dae4d8c30378826700949675
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
9wDBWpykFBa3Gs2R91.9WMAw4ahPYCF2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:47:48 GMT
server
cloudflare
etag
W/"364cff500e4924170e915074ce697bcf"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bnBjyOG46RokNlz%2F%2B0p8tkvw8sAe0%2FoOAi5v5CyGrXq70j0ovufAo660uBOJVGQJu4vUIQv8yayNgf1RXfNzPc3HSUUX%2BgrWiv5sR%2BC9Vq%2BzIOl3%2FcuVR%2F9Rqw5MZ9RvZN07A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd47e612c25-FRA
x-amz-cf-id
jHFq0-jbVHj4tsp5umNQZtQ1bh5wwojYN-eeV_HA_TqMHMrd-R5OTw==
2b01bcfb9edbb962dabe06277400060bdcef1feb.js
theme.zdassets.com/theme_assets/10522802/
11 KB
3 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/2b01bcfb9edbb962dabe06277400060bdcef1feb.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5524efdfe0a1d9ac48dbae46b7d73482b2c5fbbeb923adf92b6674ded277ea6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
I.TIxC1LJzN4p7yyYrTo.fFjPPBqDdLD
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 17:42:50 GMT
server
cloudflare
etag
W/"d52d78a671392b388e766d40f68536a8"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGQbEAHCbIBO5IGbpJbdc8vef2h0uKP9s5nKG9zmdElgYh1nWCbI5T3i9UDusAfzNmriZZtjLUaUvpeX3B4DbSlUC6sVjQWF7vT7TR0VqKkRg6Sv7yPZb3nDTMGVtg8V11d%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd47e652c25-FRA
x-amz-cf-id
T745Hvj7WcJZVegZA-2iGJ-1KhKfTi7OJnnCyO9HqQwxv_UyrUOcpQ==
5956cc1529d381e3678ca5d797276011ab1e00c9.js
theme.zdassets.com/theme_assets/10522802/
2 KB
1 KB
Script
General
Full URL
https://theme.zdassets.com/theme_assets/10522802/5956cc1529d381e3678ca5d797276011ab1e00c9.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297999879ee1a153bb09507beacc59cd964ac0648a9ea375e7f3d342402f768b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
UnM.v8J0KIFq3SPRAuXec9mqUWhNF7fG
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 31 Jan 2023 22:50:38 GMT
server
cloudflare
etag
W/"d147469a7668cda0dfdac4cdb1b87735"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FozK5k4OuyZ4tzUQpJLReKTV0v0mMkhLw0XGMXBaitQa25l3Y9VwMY98DeK7yfAPR48ZCKPJoUiTuaT4%2BCSlT%2Fu5EjxfsBzwscgY5TZfAwckRVuQvDJmaxt3XAv6%2FkqGcCMvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
7b223cd8be252c25-FRA
x-amz-cf-id
D2_GIkwCUbMZUouvux1bGylwa3GYBIlvAlx0HSKLeZCuN9i6myRyPw==
en-us.5de466eae426a14dac38.js
static.zdassets.com/hc/assets/
206 KB
37 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/en-us.5de466eae426a14dac38.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c6ebb09cb4fca60993322ad22299bbb3fa1e0851df93a9644b4469c2a8536b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
bnUVKmXWQjncGYbkMeCXvPAQetz5O6dM
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
T5W5PCG6PRHFWWS0
age
14099
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
k+HcPVZm8lSdPi2FRU/M4aRk1E4dasSQF1d+xBgRi27C5OBEewu5Ui51YMphA7BTzqwqBfjWkEiXJ9NV6r9mUg==
last-modified
Mon, 03 Apr 2023 11:08:03 GMT
server
cloudflare
etag
W/"5de466eae426a14dac38fb62838d4dda"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C77xGto2Hhv1W3mDzwgHREX%2FInRiF5FGIfVSphwNx6h6YmX0TvFWJaV%2F0C6fZxbkx8tQCWdGNqHG5fhj4bGxsQjyT9fCMv%2BnzVTqocO8oz2hYJH4hzqwUnjsAR747wwGPgPUDvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cd47b6b9972-FRA
host-without-iframe.js
static.zdassets.com/auth/d45e11e2da81e75fb2c3e2ee3081e4b450dabc46/v2/
Redirect Chain
  • https://oedhelpdesk.zendesk.com/auth/v2/host/without_iframe.js
  • https://static.zdassets.com/auth/d45e11e2da81e75fb2c3e2ee3081e4b450dabc46/v2/host-without-iframe.js
4 KB
2 KB
Script
General
Full URL
https://static.zdassets.com/auth/d45e11e2da81e75fb2c3e2ee3081e4b450dabc46/v2/host-without-iframe.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
R8tgy0yPrkXQZHn1JOOV89llF5wQEtBe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
X6HRD43Z55REPNS1
age
959
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4AYMpe6NwvlsxriuLjlSvou4SKTf0h7NnT+tfF6g8J3jmWOl83qpeIjhWpNyXQHf0z8WfUsycsw=
last-modified
Wed, 01 Feb 2023 17:32:17 GMT
server
cloudflare
etag
W/"35166401913bc433e702156b229abb6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moGAwnhYwje%2Bcb32vRRRxwMLZQj5D%2BVrseS7E%2Byu3JQE8MaFcWQvOnk6SgsabOwf6%2Fb1n72W9cskTHyXn%2FcoGGiejg0BXiObOhDzpp%2BQ7ecaaiulg3FAAotkbeRGoAiCon0wz2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7b223cd4dbe19972-FRA

Redirect headers

date
Mon, 03 Apr 2023 15:10:18 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
71270
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server
classic-app-server-57fc687667-727nn
content-length
165
x-xss-protection
1; mode=block
x-request-id
7b1b70d5bec79b55-FRA, 7b1b70d5bec79b55-FRA
x-runtime
0.049238
server
cloudflare
x-zendesk-zorg
yes
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58q23U3WcrIB70kGuPz%2FTfm6j6OHVPFqBygcYsNc4vnavdq8O58Kz2l%2FgVibdEOIwXq6s6XEv2tFmqO8FxkELcY9VWUFsae0BZhdHaQdb967dzG26nK7UWSXxK3FSLCVUfKcTZTSKP%2Bq"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://static.zdassets.com/auth/d45e11e2da81e75fb2c3e2ee3081e4b450dabc46/v2/host-without-iframe.js
cache-control
max-age=86400, public
cf-ray
7b223cd4ae165bed-FRA
hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
static.zdassets.com/hc/assets/
567 KB
178 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1a703de8329043140b19aa526ac5e47206fef9ca0c66c4bb851be852d00ab5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
x-amz-version-id
9nn8H1ZoYm6Yad5Iuoqow.fE9JjxEuul
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
0HVC6DE1RJT2QA2E
age
14250
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
j2Qh5OORxa4a9v0qkwWMU21CZ4tUXcV2407aEX9gyZg4icHM2hWgs8vSCM7uD8+nLbCsYnE9ZYc=
last-modified
Mon, 03 Apr 2023 11:08:14 GMT
server
cloudflare
etag
W/"65249a06cdbff30f2688158b30c8c7ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXsWv%2BDhsM7CKT%2F9O3PHZdcLlxKsBtXVQkNo7St4hUywo1bPI4WFmAkedyfydLDD1ZhlIFYrHNMkGk68zdKCCSjcq0lXQbbWqx%2BsKRE8kHerAI9qukf5FCitLs8cL8wS9sXPZfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cd47b6c9972-FRA
script.js
p23.zdassets.com/hc/theming_assets/10522802/6128045806743/
18 KB
6 KB
Script
General
Full URL
https://p23.zdassets.com/hc/theming_assets/10522802/6128045806743/script.js?digest=13353930874647
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643fe47c211870d9a20e8f4847e88678c29afe85afc718a59524eab89ebc6435
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
help-center-unicorn-6dcc95fdb-9wm7r
protocol
HTTP/1.1 always
x-request-id
7b21fbda4b682ef6-IAD
x-ua-compatible
IE=edge
x-runtime
0.013705
server
cloudflare
etag
W/"643fe47c211870d9a20e8f4847e88678"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCH83sTvO8AN4ZLUyYyLTEBapoSrkbz7ZpqrjyeAoaHe0DEL3BS4bPGy5Z%2FcJ5tRCy3KibmbanHLWdMHffkHJ%2FI6jIAeGDQzR8qFBINSAaJX4lEvvo%2FS6cM2Bfk3730Mh6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p23.zdassets.com
cf-ray
7b223cd47e662c25-FRA
PangeaText-Regular.woff2
paidleave.oregon.gov/assets/fonts/
0
0

PangeaText-Bold.woff2
paidleave.oregon.gov/assets/fonts/
0
0

fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/
147 KB
148 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08892835e828657736cc2fc56b6604a5a2517c0126b4d4df14fbba739969c170
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://paidleavecontact.oregon.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
929501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150516
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-24bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FEMVlgbrk8796EqqoSvqE1NDqikVUollr94v5WB0h%2Fpv%2BbJDsSi6uip4pZ5xDFELapQPIsn43ag0n1rN20BGsZQVBgOoFkmhpltKlY4zO4rlhnXYRtm2tiw7aO4E2HQdB%2FpmglQYY3%2Feg%2Fu97a0tgYb"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b223cd48f513aa0-FRA
expires
Sat, 23 Mar 2024 15:10:18 GMT
Pangea-Bold.woff2
paidleave.oregon.gov/assets/fonts/
0
0

fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/
105 KB
106 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65eb46d87199fd230a77d3709a5372c26c7b4ef9fb9e9eb0e80df251f2c9139f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://paidleavecontact.oregon.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:18 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2151928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107656
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-1a488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEZRh77uSOdcrJ3uZX%2ByaY9XTP6n%2FKx4KjXLsrrMM9ambEupQ5K%2Bz1QHgWgP7xerXzILGuWAzDWtRX1Frh%2BOXmLoeRP4uPopSwc0LYAxy4wLRgkpsNWUI7nVU5CQnxP2AX7xP7acUhltw5ITxzWDYUlS"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b223cd48f523aa0-FRA
expires
Sat, 23 Mar 2024 15:10:18 GMT
58177-c7d87290b4661a50fc92c3b423498d5b.js
static.zdassets.com/hc/assets/
28 KB
10 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/58177-c7d87290b4661a50fc92c3b423498d5b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2310474236341c3e65d4856e05ecb286ac1b6f4e9963112b27afd5c04534376d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
fEGxxmdNyCnmr4fsDew3xO9BNfzpGdHA
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
MS21NYD0MYBSNJ0H
age
451505
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ozbcMuJ9hW56gB78klnuRZdsyBKoiiERcmVyoTGV8ibaHSEBjHx3TrtVCnoqgs2kJvvoMD8t2dQ=
last-modified
Wed, 31 Aug 2022 09:40:03 GMT
server
cloudflare
etag
W/"f728ce6548206ded4269a9173894a01b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KjEpjN8fvJgUdfqPhUtwve6ydsiAwg0%2FsJ9KyrxdLgqRpxI481yr%2ByFDrldMNFgRfSfLMIyeQOsrbBtacHVfOXxzkz%2Fy%2BGL9q9RARY8LzwxOpV9Y1DLqtmMVFP3D52XSCgc2AE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd49669972-FRA
Upload-bfb2a5033a2b1a77571357d2274caa7a.js
static.zdassets.com/hc/assets/
7 KB
3 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/Upload-bfb2a5033a2b1a77571357d2274caa7a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6f739cba25eefbb338b251537266df40b3ef46754fc20678feb31802290ca5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
EY4SxoHn6HUdaYKHRNwxDOVWMrlR788L
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JSATJRBTEFMFS93
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
2QEMcO6qaGrkH7rFgoTDd+FLzP8U/LQ57mLkj2aZxYVaLVrS30yPvnL0SH6DxwuwfMSBmgbDwu0=
last-modified
Tue, 28 Mar 2023 06:59:43 GMT
server
cloudflare
etag
W/"0cda04dd9e8846f1d31df38bfcae84c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0jUdvdIThUdOhhge663LhZuAANpbij7NAZL2Tr9zUqBXal7oegrBeNZ6DzjrpUg7zGzlRuIFlecmOFDX%2BAHM4duy%2FdKJS8gu6RBdkvK3lowAgesH4DKmxzOuQgM88C9jEcVNRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd49689972-FRA
Multiselect-38005c270121da2b03f36d13790d3acf.js
static.zdassets.com/hc/assets/
12 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/Multiselect-38005c270121da2b03f36d13790d3acf.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0283c673c9b01a89b0a82cc859f23493d63731a8a165cdb4b771bd198fa280d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
hc8sUQtABolFK3C_uordYmzH4RYn2mCq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JS9Q5BBQH5KBV22
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
K8Dj8FVNf25Rh5WYpfhNt51vzPSR2E6pSfZTNiRwi/KX4cH9RmJRbygPoNcLSubm9e+eDXFPgho=
last-modified
Tue, 28 Mar 2023 06:59:43 GMT
server
cloudflare
etag
W/"90c1775d172df374f22631d6d2bd2007"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEszxyXKxz9Tn11jKH%2FHaIBcSB0q8yT0gUD02fUyITQpMVN%2FvjXk85Z8XkLUr7tCmLN25Ci4U7Soy7NPSOjNqSjdN0HGmqgGn3GND%2B43ddYkrrak6KwA4CV1kx%2Bwl1%2BJkppVsws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd496a9972-FRA
conditionalFields-5e179c003cb6a1d605812ba0e0da9921.js
static.zdassets.com/hc/assets/
3 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/conditionalFields-5e179c003cb6a1d605812ba0e0da9921.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73ad0e2de699a56f2901795669c25649e6c30e674302ebfde345258def1076b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
Wyj5Znfc9_LuB8wsyeyQjG_KCjRJY3mL
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JS1PFY402RZ5JNC
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
11H8mWxaOy0lGZ1qNJKCxX4YNQxvBeI8NTtg+imd6k5ZK51CwKpQriN6dMRETrXg/0TdZqnSxpE=
last-modified
Tue, 28 Mar 2023 06:59:44 GMT
server
cloudflare
etag
W/"cf598d80939b4c3edaec3129a8ad6e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWraTjw8ekXnF3cYXkSiOzCOggMbfbmV8yKtSGliWWxEgSGpq6TbrFzj81l%2F9EAZUWkEJiWk0CoH5rayBmMFD1jOJJ0mss03vz2HVKAb21E%2BFt2BH3OuSoH3ts7YEGqADx22hCk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd496c9972-FRA
92085-55ddff94373af8bb6493031a7691529c.js
static.zdassets.com/hc/assets/
2 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/92085-55ddff94373af8bb6493031a7691529c.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc6051c05d33b67af457b073ab13e2b6c7b5b52fc3546801da12ebd4d8434ae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
HHqRW3p_3o1kCbkr6L.6aA9MM7vgJTLC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2ACAMG1VGKNDABCD
age
451213
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
frdmLSWj8a87cxg5ff2HAjtfxgYrdcmEN4OUT7fs7l+dP8vpAfw7VfgkJ8q2EvlI+Bny/xaeKd0=
last-modified
Wed, 31 Aug 2022 09:40:04 GMT
server
cloudflare
etag
W/"b8cccae3cb418a4a6dd6ebfbf57bb693"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drW8sL3TFEtOivua%2BLjXpbVyWc51Sv9g0N8xPrSpxMzZIK9Kvy%2BGEJF4pU8sfsfxeKXLWLo9I6cThTjunlkDOYPGQ1nJjGK3Q14cGBJylU9zcU7xIVvXAhyWLzzGGGh3x4xX77g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd496d9972-FRA
react-56493a1793e64505e8e4058de58a1cef.js
static.zdassets.com/hc/assets/
135 KB
43 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/react-56493a1793e64505e8e4058de58a1cef.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a7be70025ccbe492986449e34cad65ed68478ca78362d508282fe385926ea3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
XJZIUpZcPvLSeMXjb7myDJm7ihoZt0VA
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
MS21XYY6Q6YNYWHS
age
451579
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
rTBNG8nxq2ZOx0SMFLs/LV6j3J1VD9RLf25LXUn7EgSlfMpT6NU+hHfMk52N4t0Ke9J2Uoo84UE=
last-modified
Wed, 31 Aug 2022 09:40:22 GMT
server
cloudflare
etag
W/"ef0668e9329c77e1544e80d861258de8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PpNPbOeI6lD68%2BmtNTNeNMZwuktiFu2PczVRFsD70bsNOH2RNRXJyADoovx48wP9qMGlvMbEx%2FNBoCTTQNmm8QOt0O%2FiWc8hhTprhSdFz4vTCsM8fisuQLNGBe7R1cMYmLkbcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd496f9972-FRA
tinymce-74b0ccc37839d85c39fac1beb10a8037.js
static.zdassets.com/hc/assets/
486 KB
157 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/tinymce-74b0ccc37839d85c39fac1beb10a8037.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27cfecbf94d0cf36c68894c4ec26c31c91990d25ef1b75a5ab273e8b5ccd40b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
4HVymHZ4w8XwR4H7GlDathASI0z950k.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JSDY43KRMXESACE
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
oyVbLDBd8kSjvPXVUp51axGJfTET2MAYrgX+Nye5urFoYLJnKDOVhgM0PfdZPJovA6eC+5ZZYB0=
last-modified
Tue, 28 Mar 2023 07:00:01 GMT
server
cloudflare
etag
W/"c00eb9582677df4ff9bf7c5e86e5093b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7voMA%2FHJx0YSyl0lMrGbMGa1muKOjJ%2B7gysRNldkeIaZG%2BpGaaZquHElDwBWrK16QZKWZp0lHU1tAOiZrcBOKAtUOvHlZa899pG1N7RQdu6Cq9WTY0QGowML17EZcwI7x9OI1uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd49729972-FRA
12575-aad30dad9c1caa108fcea2533b402c79.js
static.zdassets.com/hc/assets/
22 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/12575-aad30dad9c1caa108fcea2533b402c79.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fe40f37fe8a74544c9c6d121c48aad4cd03ba9a729d438ce6bc9990e0602d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
kfFnFjaEjuiY2GpFGQqq5uLsMyEKW9ZF
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JSDK3QEYRY1J6S6
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
a0RjZCjeF8+okMisHgN9Vmk80mh5ZiKXZ7rO5VRspUXaRSuYo6jauXvwcyczrUmWP1XYCUm0/Yw=
last-modified
Tue, 28 Mar 2023 06:59:40 GMT
server
cloudflare
etag
W/"f0781ef903fc565bbafb1cff98003502"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbTnfFAS4QAepTvVLCAS56kXL6A3EIXfIhY6VQh7fQnTZv6QPTATXe5AantRcIbP4%2FCvFUUnFXM7znd5f8JJIdzqgA6olMGo0ro21IOqH7aTs05dgtUW4QSzhceqRQr1U6B7%2FI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd49749972-FRA
78957-490df4fcbd959d50cb16c0d17f8082d9.js
static.zdassets.com/hc/assets/
24 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/78957-490df4fcbd959d50cb16c0d17f8082d9.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21951e636ba2d516a9b3719c8846a8d7c0491468cf468c84b8a237fdd65dde14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
PoWhIkvAPitZAeg0L7mIJI71LR5eMCu.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5JSAM6CYRZM3SGN0
age
547514
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
xoNnXNa8HuhyCq6MrAAjrKlgOJGr9WkGgiKB8NuLNdiGypmwWkyDmddQWS8JpgLcKPdJcVBTIgQ=
last-modified
Tue, 28 Mar 2023 06:59:41 GMT
server
cloudflare
etag
W/"16732c0f31a60d2d753bbcf3c994a63a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R%2FPa7M6pNuCIOwvM%2BzC0Otj3fKEuSm1PUYj73c9UgX0p8JrB5QI4R4IeMuE7UvqBBEreu2I7uo7YxlP3XghkzQ7pug6FjqTD2BopPrKI0PBaPhl2PtIpl5%2Fp5TvIfMEXEn25iM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd49769972-FRA
wysiwyg-e69a03e868c78ed9f69746606bc61ad3.js
static.zdassets.com/hc/assets/
6 KB
3 KB
Script
General
Full URL
https://static.zdassets.com/hc/assets/wysiwyg-e69a03e868c78ed9f69746606bc61ad3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4e8384df968053e521f4a00a8b3a18df8bfe6308c6d259d9a0e5a0bbbd65d7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
_f6Q_h1v8woBREPE393O4_PK9efY_iG5
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
ZYV1SEXHM8MTY0C5
age
442220
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Cq1aDlxRRUlr3leDUDouh0QK5nF1sGYCEQWP8HPynKswLtT9Cw8E2/4QipFaXWQLwG2n304mINk=
last-modified
Wed, 29 Mar 2023 11:59:27 GMT
server
cloudflare
etag
W/"3c7d2fb6540c2ba8e0c2c55a3b6ab438"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1HwAeCulBeH1Oga6DgjjbPVa51br4Rl%2BKfwWwm2yr%2Bwi%2F%2FTBU2zRFwBwtcwbotE7bBOLddGudR0WHob0p9gdV%2Fol%2Bq91CfIlIPOlQE5o5busUGtD2adTXTw5RJ4m0T2XMVGzR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7b223cdd497a9972-FRA
activity
paidleavecontact.oregon.gov/hc/
0
0
Fetch
General
Full URL
https://paidleavecontact.oregon.gov/hc/activity
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-4e53980013c7aa41b0fb77e486eba307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paidleavecontact.oregon.gov/hc/en-us/requests/new
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7b223cdd73729b64-IAD, 7b223cdd73729b64-IAD
x-runtime
0.002107
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUimQCQ022e0sKZbaFyXs454WOuVtApePsrRZnA%2BPXxNNekaWR1shPlrDhuGlNxIhHBLfjFGqm9BwCCeULVa2B0XkjAUxLRweq4lXA%2B%2FEeVomPwQJ%2FJ5r%2BL4FgwXAqQVfyKYoLM9DIgXF924cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
vary
Accept-Encoding
x-zendesk-zorg
yes
cf-ray
7b223cdd4d1f9b64-FRA
5a270e9a-12ed-4a36-95c8-b8f705b6d22f
https://paidleavecontact.oregon.gov/
819 B
0
Other
General
Full URL
blob:https://paidleavecontact.oregon.gov/5a270e9a-12ed-4a36-95c8-b8f705b6d22f
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
819
Content-Type
articles.json
paidleavecontact.oregon.gov/api/v2/help_center/en-us/
141 B
665 B
Fetch
General
Full URL
https://paidleavecontact.oregon.gov/api/v2/help_center/en-us/articles.json?label_names=alert
Requested by
Host: p23.zdassets.com
URL: https://p23.zdassets.com/hc/theming_assets/10522802/6128045806743/script.js?digest=13353930874647
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ea0e2784fd4f41cc1344d190cac73c130e15e7b63219016394c6504403c17e
Security Headers
Name Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidleavecontact.oregon.gov/hc/en-us/requests/new
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
strict-transport-security
max-age=259200;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-rate-limit-remaining
700
x-rate-limit
700
x-zendesk-origin-server
help-center-unicorn-6dcc95fdb-gwksq
protocol
HTTP/1.1 always
x-xss-protection
1; mode=block
x-request-id
7b220e8ec94c6817-IAD
x-ua-compatible
IE=edge
x-runtime
0.069235
server
cloudflare
x-zendesk-api-version
v2
etag
W/"23ea0e2784fd4f41cc1344d190cac73c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQLRR2I9eXeFGGxirVvJRUG6YDKlB3Q8CN%2BKA6KHcZZ8bbFpFl0l4VPE6Pzvqqsy5MWezfrVoKd3XZecdjDIc3yyfWVFblCjAfITvto1JWMe%2B%2Bwk%2BhZtDwH1VZm1FezxZLj5VKPgTjCtoFJ8IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Zendesk-API-Warn
cache-control
max-age=0, public
vary
Accept-Encoding
x-zendesk-processed-host-header
paidleavecontact.oregon.gov
cf-ray
7b223cdd9da39b64-FRA
invisible.js
paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 4DCE
26 KB
11 KB
Script
General
Full URL
https://paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680523200
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b77b774471521251a81fc19996df8aa6580d7a33f1152fd648869e16348961a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfJY8BG0EdsyXaizxGoGBza2LJNOh1akJN%2BMQRJtxCGGb3RUhBc%2BoxlExYhVLP46SvSTbz0ji%2FalBS%2FvHZV2olYe%2BTfsHxO42%2FOJt2ijsgL6VWzZn6%2FlZzBFo%2FXghs3Er2vRElaaEOlGap55zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b223cdd9dae9b64-FRA
text-stroke-2901fc68f0898259656b155b6e0ba92f..svg
static.zdassets.com/hc/assets/
199 B
587 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/text-stroke-2901fc68f0898259656b155b6e0ba92f..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939a68e952449338cd6680b44645ed17764c11273e3f3cc4b0e7d2a83aa009ca
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
UxQVgstKnIM_S.22BZgkKw9I7ISjO1GF
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFM6VBK5G9AQHZ9
age
450467
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
YdEwAl8wiOQJRt0Kya+NaeVOnIiu/2lVpyXnJqlPz+jNfO74PB3RtQV1j+Y2ORo9fFnSSe4qMyI=
last-modified
Wed, 31 Aug 2022 09:40:23 GMT
server
cloudflare
etag
W/"5dde3a59787df1231da99650092a141a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6WkLlcuWGgAc2Nw0oDaoefg7uW%2BfMJ3nTT5c7WJx6RzNWq5BZ2IGIlqgO8nZyifEutsq9li27AgveFf61weA1lCFkInF0lngLG9wDQ3Sf0%2FBTkLX86j1ryvRCEDDA1BpjtI6xA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0ac49972-FRA
bold-stroke-c075ecfab5f51c3e3fc9b218f0bb5379..svg
static.zdassets.com/hc/assets/
383 B
740 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/bold-stroke-c075ecfab5f51c3e3fc9b218f0bb5379..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41624bb8dcc2418c8027f8524956b086c3c6bb248832aa05dc82defed1f39ff7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
bzoH_9vW1bwbjHhCngd8vxQ3ULzQj5WN
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFYMYJGZM1W254C
age
450572
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
jdh8vNZNcLSaGaf3AvlipIGxZAvV4kAjFG87xnqU4d7aOJz5P0WQuKO0fe7AkQ3XBu2G+AD4vW4=
last-modified
Wed, 31 Aug 2022 09:40:06 GMT
server
cloudflare
etag
W/"84d8fc3d22ccedb22bf6893be36765be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMHi2bC%2BeKknV4WgAtj2T%2FcsVw9tdOEakGnJaCEkQsirrfunIUpHpexkHk65wk93d%2F1kMcFO93y2HbI0po2%2B6%2Fau0L1u%2BCD2hhcGkWSerPf%2FGZoQB6eH73Rj9PQd%2BDjkniRC7F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0ac69972-FRA
italic-stroke-70c33a4f2eb08e92c4317b86aa029a59..svg
static.zdassets.com/hc/assets/
209 B
774 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/italic-stroke-70c33a4f2eb08e92c4317b86aa029a59..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc4901275284898f385798808d03f32ed0d19c38d63ad75fbac227d85d55bf3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
53.GEmRMsXqU9.BTO8wRSc.R.F34U0zT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFZ2PPWC6A9APZX
age
450527
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Xm8oqGyKSJYk1xxYmrbD/cB7ayROPrMIWiZ2edfh3nPVuyxmBeC1qyXX3Impz2XnR4iLzsyGF5U=
last-modified
Wed, 31 Aug 2022 09:40:20 GMT
server
cloudflare
etag
W/"faaf7552dbe969198161a20f2bb0ab29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp%2B2DdyhJfQoVsuZxlowvwNz8JAs2wy2%2FxmpG7Pd084rlwi1%2F5cRRrf0fFWX64MJM9uFv%2FR65oTvqfU5yz4j7RoReKAzo%2Bpys3pHdPAGHIScTyeWLEr41QHPdL4%2FaAkiXhZV8Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0ac79972-FRA
list-bullet-stroke-04b8bc257b35bc8f92daf5a5d7e1955f..svg
static.zdassets.com/hc/assets/
354 B
635 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/list-bullet-stroke-04b8bc257b35bc8f92daf5a5d7e1955f..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b33c41505db6eef36e60304925a8940158bd0dd47f958984c7b64be70e29eb6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
ZSDH74.s2k8zW8iLygorZw6dNuNpFJPt
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WTK29BVY7GFEHK35
age
450467
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
eVSNJFkcbvR7PHsuwYsEDo6AbUnyW2AFwIl4ERFfnRc+FLQvC77+Y0fSOiruqoqCsya1c2v1U2Q=
last-modified
Wed, 31 Aug 2022 09:40:20 GMT
server
cloudflare
etag
W/"2be68dc239e11d39f19c4faf56f0c07e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsZgpGx%2B5CenVTiRIoJddqME79%2BZfvPS2%2Bzn%2FLs%2B%2F9p0mPmwFdjnuRr7aV%2BJScmkqXbH6NqtV%2BbKJ55pKRHN86w8gFfLq27%2Ffz%2Fv%2FVXPvPwRUV010eHFAT3j5N8kTHxbFaiqcTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0ac89972-FRA
list-number-stroke-0f55516854b2cc29ed275ce293d0e1a8..svg
static.zdassets.com/hc/assets/
1 KB
1 KB
Image
General
Full URL
https://static.zdassets.com/hc/assets/list-number-stroke-0f55516854b2cc29ed275ce293d0e1a8..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f251d3ba600007d0ee677e9c0fb6523d1f9422814b40504c92db0279403dfd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
EG_7IKvr4iXaCgYVvFxdT76ijWoS2Uwp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WTK7BSD417MY2D3G
age
450509
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
LfV+zSi6xuXr4+DEtzzs/hx1iGZrAYNlmeafSZmpyUG62x2Z9M0ldGs7+K3F+M8Y1UkMAm2xbsM=
last-modified
Wed, 31 Aug 2022 09:40:20 GMT
server
cloudflare
etag
W/"6470118b008cc50b740fc78c41023311"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmQ3XEzTWB1Sp6rwX8nCPbytUh6BgfSGiOVfFHNXISCKEZSvPB%2BMKBbIrbFu2sYDsY0dZNYzBNvR0AXeBXdCG048fMvQ3urU%2BCJK7xHzzYbuPgCBHcbKAPFDWqh1Ngaezk04w0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0aca9972-FRA
terminal-cli-stroke-db8e75245a5f85749386ae3da02dafba..svg
static.zdassets.com/hc/assets/
306 B
796 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/terminal-cli-stroke-db8e75245a5f85749386ae3da02dafba..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa5121f6fd45c645319d510ddddce7a2761c1e2bdab095ee91101efb73f3c8c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
d_0OQkTf.hH68QEfUdos4sa8YUuri4_i
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFR72J4BEGV8G7A
age
450509
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
EC9GrvJ/LQw3dTDjJgLKKt4TEEDNtJ4nb5BJKuiLUVAQuQVva0AmVjG9UdgKv+UODX+rBejI2Jw=
last-modified
Wed, 31 Aug 2022 09:40:23 GMT
server
cloudflare
etag
W/"64653f9d7a76a11c3b86d443bf4ee85f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kp0DNzI7YcXBeuw%2F5jg3GUptU0GRYw7jPhY%2BrMShuzsFTph5G9W%2BhA3vpWU4PY3w0Gs3PDEsEle0AnMTmBoYpshDeEgdd45cowh8r4d6G9kDNMmiksouopFMu4K2SbwzWgmP4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0acb9972-FRA
link-stroke-7106f546349740ac359b04ed1bb73b6c..svg
static.zdassets.com/hc/assets/
753 B
841 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/link-stroke-7106f546349740ac359b04ed1bb73b6c..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc6ab6aa29a998b32245d4296ecd26505a77c7a84860fb6a3eff9eb9d88e8ae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
9dEPQFiyv.0_h2Mpd13AWv5EafnPe7hF
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFZHFGJ67KWF2H4
age
450467
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Csq45dYv9bQO6+2ghg+nNgYZe5CLxgWmnFEGJ4HmAZnNm8WBhbDIPJFpD1RCUhzntp67quO3C0M=
last-modified
Wed, 31 Aug 2022 09:40:20 GMT
server
cloudflare
etag
W/"8a7e323ac9a097ffd6f3657aa3304f2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZsttzKOVc7i%2FCtpJrF0Jwvh4Eua5p9xNa3W3CdKwjJ9CgxJWJH6NF3Z0f7kVoVtkGhZz%2BdKqbjBKGrtAFBjL9DNXGLTxglOWpFukl9Qd4fxomnZdEycpAAQfvRABtaSNoTF7bI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0acd9972-FRA
quote-stroke-2a6ea1ba5e86bff41a38c0f8f7d45207..svg
static.zdassets.com/hc/assets/
387 B
666 B
Image
General
Full URL
https://static.zdassets.com/hc/assets/quote-stroke-2a6ea1ba5e86bff41a38c0f8f7d45207..svg
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdf38d8a9966350152fe178c5c8c40a3ddeda9e42df405f00d6c7ae17dc4fe1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.zdassets.com/hc/assets/application-4457e15fd2317df56adee04580b8726d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
x-amz-version-id
ZRPCvQCnaRMJSXOI4C_LWeGvqr3YEQqI
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CQFG6M3CQV1TBWH1
age
450572
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
kBwTiedJxT5sbbDsvd2cp2Ue0NfGvA2/aTeYY9a5l+hULgPZyCcpYVUEkqRTRIRNyKqhgo39G+k=
last-modified
Wed, 31 Aug 2022 09:40:22 GMT
server
cloudflare
etag
W/"13ac746d82d9cf9329a2dc788776ae7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhBcOVFU12DraAvFfhRR3%2Fm%2FavG4aTmFwVhdjb83kXGth2TDy%2Fh4WQ%2FMmXvhmLtmW0mmCWChGxVMqDAhQBmRAN3Va09UxZR9udiwRxGC8QV2HQ4uwc%2F5Fg4LUvTIE%2Fcm32iDHZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7b223cde0acf9972-FRA
pica.js
paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4DCE
7 KB
3 KB
Other
General
Full URL
https://paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d82c6d7e6bae1957b71a620f69e9251984546ab2c70f0ffcdfc6b9b651422c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:10:19 GMT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9U%2BvGAkMQ7FJvVocXjBLxZShYRdS7cybwhtsDsO8ZxmiXrUv6bh4VLFdEc%2Btwu%2Fy%2F8cp2Oy3avMxNx9TFK%2FgF0lCikAIym8QmdwxDg188tejtyQFo6y23mWEbDz4s%2Bk%2BJchPS5DTSqIFA4FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b223cde8f309b64-FRA
7b223ccabf149b64
paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4DCE
2 B
644 B
XHR
General
Full URL
https://paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/cv/result/7b223ccabf149b64
Requested by
Host: paidleavecontact.oregon.gov
URL: https://paidleavecontact.oregon.gov/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680523200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Apr 2023 15:10:20 GMT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b223cdfe91d9b64-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6TGcsRoHVrlkoyWFlDtH439uKl%2BKHX8fIw8vXcWDE0t8hfLQuKspCAM9%2FAT9JzK1h%2BOlJczy45VG%2F48dgjjY6lDHjVICrjserRJ%2BbMKBDwG%2Fx5RG%2BVznBusHDqdzHEV5clIGN8YNOUlPhqMvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paidleave.oregon.gov
URL
https://paidleave.oregon.gov/assets/fonts/PangeaText-Regular.woff2
Domain
paidleave.oregon.gov
URL
https://paidleave.oregon.gov/assets/fonts/PangeaText-Bold.woff2
Domain
paidleave.oregon.gov
URL
https://paidleave.oregon.gov/assets/fonts/Pangea-Bold.woff2

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless string| searchClearButtonLabelLocalized function| $ function| jQuery function| PureCounter number| uidEvent object| bootstrap function| GLightbox function| Swiper function| doSearchFull function| doSearchAuto object| I18N object| Zendesk object| HelpCenter object| webpackChunkhelp_center object| regeneratorRuntime object| I18n function| debounce function| clearSearchInput function| clearSearchInputOnKeypress function| buildClearSearchButton function| appendClearSearchButton object| oregonSharePointTemplateV4xAvailableLanguageCodes string| oregonSharePointTemplateV4xSiteLanguageCode object| searchClearButton object| tinymce object| tinyMCE number| mce-data-1gt3qmhks

3 Cookies

Domain/Path Name / Value
.paidleavecontact.oregon.gov/ Name: __cfruid
Value: 5d6a83c5ce75227ed512b63f9fe4c145d44a17e7-1680534617
.oedhelpdesk.zendesk.com/ Name: __cfruid
Value: ab488ae6fcc63e785caaa07513714854f2a7c1d7-1680534618
.paidleavecontact.oregon.gov/ Name: __cf_bm
Value: Sa4IQb4hBM.VGx.91lG5s0Al96us6CeudC34uYCUw98-1680534620-0-AV/pt3Qo0moaJr6guf59lgoBd0vLRel8YOltqgNQUjuBxILlyAffXe+HMvT8Sc59IZkXPx6UQ8Zpqr+0WX1kK/LcrubOrzLF5UhPVnS3G8+8Bc2/nmpCiUtWLjARB/XaLw==

6 Console Messages

Source Level URL
Text
javascript error URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Message:
Access to font at 'https://paidleave.oregon.gov/assets/fonts/PangeaText-Regular.woff2' from origin 'https://paidleavecontact.oregon.gov' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'pguise.stage.cascadewebdev.com'.
network error URL: https://paidleave.oregon.gov/assets/fonts/PangeaText-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Message:
Access to font at 'https://paidleave.oregon.gov/assets/fonts/Pangea-Bold.woff2' from origin 'https://paidleavecontact.oregon.gov' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'pguise.stage.cascadewebdev.com'.
network error URL: https://paidleave.oregon.gov/assets/fonts/Pangea-Bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paidleavecontact.oregon.gov/hc/en-us/requests/new
Message:
Access to font at 'https://paidleave.oregon.gov/assets/fonts/PangeaText-Bold.woff2' from origin 'https://paidleavecontact.oregon.gov' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'pguise.stage.cascadewebdev.com'.
network error URL: https://paidleave.oregon.gov/assets/fonts/PangeaText-Bold.woff2
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
oedhelpdesk.zendesk.com
p23.zdassets.com
paidleave.oregon.gov
paidleavecontact.oregon.gov
static.zdassets.com
theme.zdassets.com
paidleave.oregon.gov
104.16.51.111
104.16.53.111
104.18.70.113
104.18.72.113
2001:4de0:ac18::1:a:1b
2606:4700::6811:190e
74.208.54.178
03dfe1fbce92a9f17fcd1a1501213bd820d050ab085c338419ab06a3631c9459
05f54dc7ff22d4cfefdab10964e5563bcd23e7f3a4f54deeb2dc555093483769
08892835e828657736cc2fc56b6604a5a2517c0126b4d4df14fbba739969c170
0cc6051c05d33b67af457b073ab13e2b6c7b5b52fc3546801da12ebd4d8434ae
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
1aa5121f6fd45c645319d510ddddce7a2761c1e2bdab095ee91101efb73f3c8c
21951e636ba2d516a9b3719c8846a8d7c0491468cf468c84b8a237fdd65dde14
2310474236341c3e65d4856e05ecb286ac1b6f4e9963112b27afd5c04534376d
23ea0e2784fd4f41cc1344d190cac73c130e15e7b63219016394c6504403c17e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
297999879ee1a153bb09507beacc59cd964ac0648a9ea375e7f3d342402f768b
31a1e13a09085c6d1a113a9f43e72e8585eba1d26e11ee1ef5b2f9e701465316
31fc89d965487bc00d1b13ca8709acc48021318d675603488ecf06f13223cb97
37b4339a9e015c0001e0ca7dcea64cd990a7d53867a6f38a83288b52c6ceb58a
41624bb8dcc2418c8027f8524956b086c3c6bb248832aa05dc82defed1f39ff7
461c3d93c1e545632b0e4a4b312e59ea4bcba635311cf2f24d2fd40e7fde09c4
46a7be70025ccbe492986449e34cad65ed68478ca78362d508282fe385926ea3
4b2be906e5e6c1e2f0523b039c0a631409eb5a594d5f6b445185bc6e0d3fdabf
4b6f739cba25eefbb338b251537266df40b3ef46754fc20678feb31802290ca5
4cd7849501e529e1f8de5b079dc73ca7b78084c7e372b785531b999cc6f206dd
4d82c6d7e6bae1957b71a620f69e9251984546ab2c70f0ffcdfc6b9b651422c1
54f976ac43fdffa9d8e9f06064b693247d2265171e9b5ddac0b631db3e068114
5869a422faea055cd10a81258d76eb17fa4d124192d3685fc5a82a74e882b100
5b77b774471521251a81fc19996df8aa6580d7a33f1152fd648869e16348961a
5d379d3827191fbf7ab5ed73b75a916d9cbc40a47f1251f9b6a2362051d71570
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
643fe47c211870d9a20e8f4847e88678c29afe85afc718a59524eab89ebc6435
65eb46d87199fd230a77d3709a5372c26c7b4ef9fb9e9eb0e80df251f2c9139f
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
6b33c41505db6eef36e60304925a8940158bd0dd47f958984c7b64be70e29eb6
6b68e5ade742f1c41e98d4a7052dcfa69de8a5961c32144adee15091099060ff
6cdf38d8a9966350152fe178c5c8c40a3ddeda9e42df405f00d6c7ae17dc4fe1
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
81adc728ca372f7241aa26bdc63564be15b456d8dae4d8c30378826700949675
85866241056d84cf1d39a63e478fa49a0347dab9261cd9bc172037541182f714
8d1a703de8329043140b19aa526ac5e47206fef9ca0c66c4bb851be852d00ab5
939a68e952449338cd6680b44645ed17764c11273e3f3cc4b0e7d2a83aa009ca
a0c6ebb09cb4fca60993322ad22299bbb3fa1e0851df93a9644b4469c2a8536b
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
b3f251d3ba600007d0ee677e9c0fb6523d1f9422814b40504c92db0279403dfd
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f
b8fe40f37fe8a74544c9c6d121c48aad4cd03ba9a729d438ce6bc9990e0602d9
bc636604544107c8c011720278a208a6d21ecb0a2b6f4fcf123bcce80b4fda54
bfc6ab6aa29a998b32245d4296ecd26505a77c7a84860fb6a3eff9eb9d88e8ae
c4f11f4357af153d487fc79419cf374fee90180540f7e5f9373d14b0974dacf8
c5524efdfe0a1d9ac48dbae46b7d73482b2c5fbbeb923adf92b6674ded277ea6
c58d7d0261223bf32f453d861e5eee009a8cfc8e24661fd4fcf4a17eb2993182
c8e751b1ffd87fa9baf29fad41f37b99a8d48654c38768b7737621ed1606d0b6
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
e0283c673c9b01a89b0a82cc859f23493d63731a8a165cdb4b771bd198fa280d
ed4e8384df968053e521f4a00a8b3a18df8bfe6308c6d259d9a0e5a0bbbd65d7
edc4901275284898f385798808d03f32ed0d19c38d63ad75fbac227d85d55bf3
f27cfecbf94d0cf36c68894c4ec26c31c91990d25ef1b75a5ab273e8b5ccd40b
f321f98a0b476b2db4b404d206800619635c3e0ab10e067ef4dba39346d23f86
f73ad0e2de699a56f2901795669c25649e6c30e674302ebfde345258def1076b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e