ohiodems.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ohiodems.org/
Submission: On April 29 via api (April 29th 2022, 10:08:14 pm UTC) from DE — Scanned from DE

Summary HTTP 73 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 20 domains to perform 73 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:889::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.2.76 18.66.2.76	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:fa00:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:a000:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
73	22

14 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:889::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-76.txl50.r.cloudfront.net

iwillvote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:fa00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a000:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ohiodems.org ohiodems.org	2 MB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 55	185 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 625 syndication.twitter.com — Cisco Umbrella Rank: 900	214 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 maps.googleapis.com — Cisco Umbrella Rank: 321	184 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 103	521 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 133	307 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	222 KB
3	cloudfront.net d3rse9xjbp8270.cloudfront.net	269 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1484 pbs.twimg.com — Cisco Umbrella Rank: 698	5 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 642	77 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6250	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	344 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	verygoodvault.com js2.verygoodvault.com — Cisco Umbrella Rank: 58006	24 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 621	30 KB
1	iwillvote.com iwillvote.com — Cisco Umbrella Rank: 322869	1 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 697	67 KB
0	ngpvan.com Failed profile.ngpvan.com Failed secure.ngpvan.com Failed
73	20

	Domain	Requested by
14	ohiodems.org	ohiodems.org
9	www.googletagmanager.com	ohiodems.org d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
6	www.facebook.com	ohiodems.org
6	platform.twitter.com	ohiodems.org platform.twitter.com
5	connect.facebook.net	ohiodems.org connect.facebook.net
5	maps.googleapis.com	ohiodems.org maps.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
3	d3rse9xjbp8270.cloudfront.net	ohiodems.org d3rse9xjbp8270.cloudfront.net
2	syndication.twitter.com	platform.twitter.com ohiodems.org
2	www.google.com	ohiodems.org
2	maxcdn.bootstrapcdn.com	ohiodems.org maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	ohiodems.org
1	pbs.twimg.com	ohiodems.org
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	ohiodems.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js2.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	www.gstatic.com	www.google.com
1	code.jquery.com	ohiodems.org
1	iwillvote.com	ohiodems.org
1	cdn.optimizely.com	ohiodems.org
0	secure.ngpvan.com Failed	d3rse9xjbp8270.cloudfront.net
0	profile.ngpvan.com Failed	d3rse9xjbp8270.cloudfront.net
73	25

This site contains links to these domains. Also see Links.

Domain
act.ohiodems.org
store.ohiodems.org
secure.actblue.com
iwillvote.com
www.facebook.com
votefromabroad.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
iwillvote.com Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.verygoodvault.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://ohiodems.org/
Frame ID: E9FA49924025C1041E891F4482261A41
Requests: 66 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org
Frame ID: 0BF8E2F874D075AF142F3773C55A646C
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5B02479D95A269D4C1F9492379F60F29
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 76862956F83CFD8C66F669E1957E1477
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: 8E9AE129C6DAFD08EA709D41838BC2FF
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F322AA3B9306906865AC78D328818749
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Democratic Party

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

73
Requests

97 %
HTTPS

86 %
IPv6

20
Domains

25
Subdomains

22
IPs

3
Countries

3584 kB
Transfer

7131 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ohiodems.org/a/odp-volunteer
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://store.ohiodems.org/
Title: Store

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/2021-support/?refcode=websign2021
Title: Donate

Search URL Search Domain Scan URL

URL: https://iwillvote.com/register/?state=OH
Title: Take Action

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems
Title: Ohio Democratic Party

Search URL Search Domain Scan URL

URL: http://votefromabroad.org/
Title: Vote from Abroad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 33 KB
10 KB 769ms
709ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef794fa607c386336f5778a26046ed855058eb179b8dd5a5568539098cb62ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 703b5ab96ea2909c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 22:08:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
fastly-restarts: 1
link: <https://ohiodems.org/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozkulMkoXntQS2FOesvVuZlZV0YTHLVqsy%2Bz8Zr9%2BQ0jUgINgSHo6mGnUwOVsXVYdKWnsjxWGpGrhxGhpu%2BDv8%2FyGnTrrszKqDdoXkJMzIrGJAYGGIR1ny6m7cKBZHJlfBlmghvEFMIYQVM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: exinsehpq5
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-fra19148-FRA
x-timer: S1651270087.641181,VS0,VE672
x-xss-protection: 1

GET
H2 200 338944120.js Show response
cdn.optimizely.com/js/ 199 KB
67 KB 430ms
400ms Script
text/javascript 2a02:26f0:3500:889::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/338944120.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 9AYEqhUUMq5Oh9dXr9djn4dBDWYeHi_e
content-encoding: gzip
etag: "90c7ffd1e74889817b8577bb593867c0"
x-amz-request-id: PGWHYTTT4XHDB399
x-amz-meta-revision: 101
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 67854
x-amz-id-2: 8NSlUYL2oJboY0wcq9vWS4aUrysNGXMjUoQiRerI4fzqpOyTXrV0fssw49/0IEq6+XIBMB6NEpk=
last-modified: Thu, 01 Mar 2018 22:07:04 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 22:08:07 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 81 KB
12 KB 34ms
30ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 34296
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19149-FRA
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
x-timer: S1651235792.931383,VS0,VE5
x-fw-hash: exinsehpq5
etag: W/"624cb15c-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm5s556VUBISlQMUo5iX2mvA5oOE4wPOlqDzvHpPtD4BwQsOSMlZQDNsc16tmbWbo655xdnfDrFVR7TYTr7EUIOjnULvB6DFpBuyVc8KNzO1L1yGAiuX4Mrjpk4k3KbQ3vO%2BaLVdxyjrC0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb8c909c-FRA
x-fw-version: 5.0.0

GET
H2 200 pum-site-styles.css
ohiodems.org/wp-content/uploads/pum/ 17 KB
4 KB 27ms
24ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf903f87d898f573399da576e5fe313b96225298e8a5f17af0dab29516144a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 413336
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4030-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 12:33:30 GMT
server: cloudflare
x-timer: S1650856752.541981,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"624c371a-44ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q99C%2FRXXfALUVgjpYGoILoZSkx2XND%2F3zqYHPKoNkjAai5SshrHDBAlQs1XoLalHeS%2FW7jdfsurAZ77bYprAAhkbd3nvGwFIWzV7%2BcO0T8eQ4JJKzYFTblVC2WQDwhnDwhk1wImw3UDwkeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb8f909c-FRA
x-fw-version: 5.0.0

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cf9ffc91dda654227944dd95794db5e6da7cda47a70267f744e915aa7eb80f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 22:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 22:08:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 22:08:07 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 74ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 5227467
cdn-cachedat: 2021-06-08 21:36:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0da3e6fa0421515cbcf5425517fc7012
cf-ray: 703b5abe4fc69b22-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main-48ef26500a.css
ohiodems.org/wp-content/themes/ohiodems/dist/styles/ 196 KB
31 KB 51ms
49ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 345663
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19158-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650924424.300312,VS0,VE124
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-31152"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sJyQd%2F1%2FCbiQPeLNZsoqU4%2F2%2BLUdhvrK0all0dkJQkPddHlzAZ5bHDglifOfmwHr78NhkpPRbpVR1nafZ5caJkbtKN6QvhokzYevpINtbVkBWBYYG7SEIE3O2GanJdG6CCVdmLd3Vp1gPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb90909c-FRA
x-fw-version: 5.0.0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 135ms
49ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 29 Apr 2022 22:08:07 GMT

GET
H2 200 widget-v2.css
iwillvote.com/locate/ 3 KB
1 KB 99ms
20ms Stylesheet
text/css 18.66.2.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iwillvote.com/locate/widget-v2.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-76.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:01:50 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 21:00:47 GMT
server: AmazonS3
age: 387
etag: W/"521f174c960c58b357e753b9e2d5d9b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8ba5a7db0f86d152bf852f67ddf89e84.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: ueSFAFAzvlFbsTy_avc28SWy3WZ6zaDxNBuRdH4tfdkH1N7uy83MyA==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 843 KB
241 KB 44ms
7ms Script
application/javascript 2600:9000:206f:fa00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eeb4bcc0c59dbf6d243fedbb8692051495301e776bd242ca3a756353e65ab05d

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 14:34:58 GMT
content-encoding: gzip
age: 27214
x-cache: Hit from cloudfront
content-length: 245560
access-control-allow-origin: *
last-modified: Tue, 26 Apr 2022 14:34:05 GMT
server: AmazonS3
etag: "6c3bb9ecccc8137f9041aff13a53808c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: VBx1QneK_TbZmdvWCAnVtbmJhuuETO2vU71K4w49-QuJIwLnlAWrDg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 59 KB
12 KB 44ms
7ms Stylesheet
text/css 2600:9000:206f:fa00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e8729d70284a113dfc7d10ebffe49ad634baa8fd75916b8356c2309ba96673f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 14:34:58 GMT
content-encoding: gzip
age: 27207
x-cache: Hit from cloudfront
content-length: 11461
access-control-allow-origin: *
last-modified: Tue, 26 Apr 2022 14:34:04 GMT
server: AmazonS3
etag: "d2ea8df4b92c9e59cb8688bcfcb41b98"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: p1sqTIvpUzx2QIUZQ_kfBg355IONFTecqxV7-54whVLliZNLAQoaxg==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 67ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1651270087.dop002.am5.t,1651270087.cds284.am5.hn,1651270087.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 core.min.js Show response
ohiodems.org/wp-includes/js/jquery/ui/ 20 KB
7 KB 31ms
29ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 413272
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
x-timer: S1650856815.499114,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"624cb15c-50ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2QHKxsC1A0k2gsPuYldNrHBERCG7U%2BvKPvZ9VUegThzAOwIdzdcgMbQ3iQ6A59SN8RD2ukL%2F80A%2B1XQiUwfcqtVTyjy7NdDK3jvF0QGBmNRoTwb7wm2rlhK40qb7ah9TcB8Wsi8nMR05lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb91909c-FRA
x-fw-version: 5.0.0

GET
H2 200 pum-site-scripts.js Show response
ohiodems.org/wp-content/uploads/pum/ 68 KB
18 KB 49ms
47ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1649162010&ver=1.16.7

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97a112994bdf14e3b6ad86c849b3d7a66c7a3d7f518219b28db161b52b5dc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 413266
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19130-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 12:33:30 GMT
server: cloudflare
x-timer: S1650856821.327099,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"624c371a-1101b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpCmInJOt8QI1uxBtvxW9N1Zyw2AyHiKT5Qfaii6MMq6TjuBrPpASBm6C3yzvI%2F0qN5uatdo9HF%2BLLVM9zVi7lRKp0T903N2y2UDsjxNxe0lFH9ni0Mj0sXwypQpL9Hcx%2BUYIrYnygdNuwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb93909c-FRA
x-fw-version: 5.0.0

GET
H2 200 modernizr-8895641e34.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 11 KB
5 KB 45ms
44ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/modernizr-8895641e34.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 345663
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4049-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650924424.293936,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-2af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxuFmDcixlR8QZbrTo%2BVRkoi%2Foul1hACuFUIHg8Koh1MgpS1c%2FhvsBezPd%2F3x%2BTHoXajPajS0fVKCZ1YfwdYAcXddiTf9H4HR498TYsgWN8Y74lxtv1%2Bc2ZZzerDl0mMBLLACKCl8HAt7u0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb94909c-FRA
x-fw-version: 5.0.0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 159 KB
52 KB 168ms
67ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ad1fcae6e7e500b0391b44af1847b07a3ed00f27b0a16d600002b6a1962de1d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53256
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:38:07 GMT

GET
H2 200 main-a16b202eb3.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 197 KB
54 KB 33ms
32ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/main-a16b202eb3.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 413261
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4033-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650856826.951573,VS0,VE537
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-3125f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idnAim3KAMXi81f4qGr%2FFo4x3IB1yGHaS2mjeUr0ceF3iHziGQ%2FV4CC01sBd05Iqxaq4IMLx79W8TYndD6EAFInPxNEI6xT5p9ykykHOEgbk6rrFjynf%2BVSTc7%2FF4u84rPif6KOW5PwKY7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5abdfb95909c-FRA
x-fw-version: 5.0.0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 29ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 22:08:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 586
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (frb/669F)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 css
fonts.googleapis.com/ 2 KB
525 B 132ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe46959fb84c1695d5b8959c5f70100e2949c0c05f00811abe35bcc1c8075a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:49:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 22:08:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 22:08:07 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 363 KB
144 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146779
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 16:48:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 140ms
57ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45cd382e2a44608e6088987139877513b69c7a9306f5ffbd875687d6970958bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33154
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: hmqCCZJFZeL2xw4HIKhKzoN+l3/O0pQbOnAVsN+I/Yv3uu0st5w/havRauhS0azl1VnbgF62xiCmixtH1+Nycg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 29 Apr 2022 22:08:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
43 KB 163ms
97ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d07e46c831f95c741ef1f7e627b68ee66d5f1ebbd85877b92a65730ca53069c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43833
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H3 200 logo.png
ohiodems.org/wp-content/themes/ohiodems/dist/images/ 4 KB
5 KB 23ms
23ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/images/logo.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 2173
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19145-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:46 GMT
server: cloudflare
x-timer: S1651267915.885951,VS0,VE111
x-fw-hash: exinsehpq5
etag: W/"60c7bc3a-1102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpfAWBFq%2Fp3XiIUgsMN8q%2FqAi%2B5btQehVtkNQU%2F6PFtbb967FKDivWUKd5rfU4WshUDYF8QxRVgdJME9EvQaTeFLRiXTjozRanqnAkLQa%2BLR%2B4eybkxQ9nwYHq674yRwcMqqAhqXMObNw7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5ac1fcf88fe9-FRA
x-fw-version: 5.0.0

GET
H3 200 video-still.jpg
ohiodems.org/wp-content/uploads/2018/10/ 389 KB
390 KB 813ms
813ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2018/10/video-still.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4060-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Oct 2018 18:43:46 GMT
server: cloudflare
x-timer: S1651270088.014379,VS0,VE770
x-fw-hash: exinsehpq5
etag: W/"5bc63162-61537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDMY81ap3UojNVgGI0LhIQnqyS8f%2Bj3sculjcmNy%2B3T0EOpciJ9IY%2F3m8blS85sBGhfRsZ0jB%2Fx25kBCwmtq4FQuRKcaqpj2NAwI6I%2FXeKIpzbcf6a3QqlNLRuCa2UYhYZswOifw8%2BV%2F1aY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5ac1fcfd8fe9-FRA
x-fw-version: 5.0.0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:37:56 GMT
x-content-type-options: nosniff
age: 279012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:37:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 128ms
48ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 266413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 20:07:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 177ms
96ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 277199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 157ms
77ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 276949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:12:19 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 40ms
22ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 518464
cdn-proxyver: 1.02
cdn-cachedat: 04/08/2022 21:01:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "926c93d201fe51c8f351e858468980c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 667a4eef611981844e446867bc06be8f
accept-ranges: bytes
cf-ray: 703b5ac21a7d9b4f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 meta-runforoffice-295x115.png
ohiodems.org/wp-content/uploads/2015/09/ 48 KB
49 KB 61ms
61ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2015/09/meta-runforoffice-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4046-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Sep 2019 16:02:16 GMT
server: cloudflare
x-timer: S1651270088.053817,VS0,VE3
x-fw-hash: exinsehpq5
etag: W/"5d713188-bf1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F6J%2BhYahActJp5IYwB06zRDLaTTqClXvPpdm%2BnWp4nRIVbRY0DhqbbjpU09rvvuTwAuKkFXv0wSKGiL7jY9F%2Bi9gcooUSrDT873pxAjgkrxO94PoJ1mln76stF8rdpPJnIjliv%2BkRLGN8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5ac23d438fe9-FRA
x-fw-version: 5.0.0

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 1 MB
1 MB 29ms
29ms Media
video/mp4 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df9ef350ac1eba6f6c64aa55291d5b26ce61574d796355c8209b5166d5a131c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

x-fw-static: NO
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 21339
x-fw-server: Flywheel/5.1.0
x-cache: HIT
Content-Range: bytes 0-1334062/1334063
x-cache-hits: 1
vary: Authorization, Accept-Encoding
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19136-FRA
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
x-timer: S1651248750.728858,VS0,VE9
x-fw-hash: exinsehpq5
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teS7qp9ThkBQozmudVS%2FcR%2B236Sgh9WUNi4f4NS%2Bi2Xshz3wYP5mSxXQW1VKP7%2BeF1FY9FmZPFqAZdwwO81MeQmfwyW9Yqug%2BALL3sD1MsgvyFudnfBkXlnOBrCCZg4m2qZZMYNCG9QqCG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
Content-Length: 1334063
cf-ray: 703b5ac23d448fe9-FRA
x-fw-version: 5.0.0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 131ms
52ms XHR
application/json 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 UPDATEDmask-295x115.png
ohiodems.org/wp-content/uploads/2018/10/ 23 KB
24 KB 147ms
147ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2018/10/UPDATEDmask-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19139-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Jun 2020 14:49:05 GMT
server: cloudflare
x-timer: S1651270088.108972,VS0,VE116
x-fw-hash: exinsehpq5
etag: W/"5ed7b861-5d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJkbwhdZa%2Bwv1kqQo7Z3GCQwWbRFmx4%2BR13fHtqkAnObNXgJFzfkilagZG%2FzAIHuFCwk2Icljfzhhe7Hd%2F2udDWztfa23BS8zlxpYf7k4gDFqRm0arQEYYgdjZhKuwAdGjnNVder9%2FBMdII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5ac29dab8fe9-FRA
x-fw-version: 5.0.0

GET
H3 200 DSC_0011-1-295x115.png
ohiodems.org/wp-content/uploads/2019/09/ 67 KB
68 KB 76ms
75ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2019/09/DSC_0011-1-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19179-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 23:56:37 GMT
server: cloudflare
x-timer: S1651270088.114171,VS0,VE3
x-fw-hash: exinsehpq5
etag: W/"5f07aeb5-10c5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpdOCPCPUWowtxTSDLLOJ4kjy2eOFiF2gQxzHqtAyjNW5Q4CuzdAXu6edjF4UyUELpDJmbUBdp2BDTjZhDczWKcJvLeqx9P3fysFJ5xfcvH4tPXx8ORXom1dEiDfH8x2WiKkNKJ4A0ZQPII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 703b5ac29dad8fe9-FRA
x-fw-version: 5.0.0

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame 0BF8 319 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 776590
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Apr 2022 22:08:08 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D4)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
43 KB 127ms
47ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96ac70abde3c2954406c67c4c034ef10eec3fefc43ab49c62440179c30adf3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43542
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 98 KB
17 KB 8ms
7ms Stylesheet
text/css 2600:9000:206f:fa00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f6fb0f002054865ca72e6c327468a60effc6e397d805d6b3b6d12bcb38f814f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 14:34:59 GMT
content-encoding: gzip
age: 27211
x-cache: Hit from cloudfront
content-length: 16795
access-control-allow-origin: *
last-modified: Tue, 26 Apr 2022 14:34:05 GMT
server: AmazonS3
etag: "f26bce84dce03bb9b2448a185705ae0b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: _1dx1X2UP-BE5ntlFXJAWwqzNvyDj8Hv56W0kHLaEW_oLGBeK8DhJw==

GET identity
profile.ngpvan.com/ 0
0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/ 82 KB
30 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3319f53417214cbc9f046bd79a2fe8e753cc3f56165ee339ce474a40889bd8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30541
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 00:10:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 18:54:37 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/ 308 KB
92 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fae15b0e79937f4720bfb9b913d86e6df2cc5e78a9ab88398ce38f7e5047fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93800
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 00:10:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 18:54:37 GMT

GET
H3 200 log.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/ 20 KB
8 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/11/intl/de_ALL/log.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7333e3dd6306694086b298bd67b7dbe4085040a77c828d9bf54c08ada7c524ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 18:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8617
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 00:10:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 18:59:12 GMT

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 106ms
10ms Script
application/javascript 2600:9000:214f:a000:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a000:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
Age: 12
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 29 Apr 2022 22:08:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: M8RK_Shtc7_ayZE5BYe_6mpxwoGYX0u4swrvnyzcLsQ0iB6N4qFNmQ==

GET vGsz3qFuOkqSPswtciZgag2
secure.ngpvan.com/v1/Forms/ 0
0

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: LEGcuz/XhbUinLIVl+zlKz4HVQrh6PlPKKmwvXf1FdbIh0qGQVlSUz7XjcNunryg6cs/bd0z6Jdh6hXABdXunA==
x-frame-options: DENY
date: Fri, 29 Apr 2022 22:08:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 830442327491061 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 86ms
77ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/830442327491061?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b99458781298a9a98e615f990c6e70063be85647969eeae50abdcb637d49a10c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: oSiKDsLvrJhhCObX4L1rr1lfTOst/t++s44jk+HZRsvQqsDsDFt384gxEWd/GDCeOPF8mra2WCKMMhTVpj0XbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Apr 2022 22:08:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651270088290
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0BF8 169 B
425 B 376ms
118ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=40b8ea3e88631cfa7500903e87c706f5f0526070

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 29 Apr 2022 22:08:07 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 22:08:08 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cb8493d397466f4edc75301d473c3f3ae24ff350a6fae942355227797f0126f3
content-length: 143

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

590efdeb757a3a59aae0f32008fe36d91f7ab3e20e0336b2af2be05c0d6700f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67738
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 137ms
51ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 60ms
60ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5N8X83&cv=13&v=3&t=t&pid=7889458&rv=4r0&es=1&e=gtm.init_consent&eid=1&tc=3&z=0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 72ms
72ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5N8X83&cv=13&v=3&t=t&pid=7889458&rv=4r0&es=1&e=gtm.init&eid=2&tc=3&z=0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 73ms
72ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5N8X83&cv=13&v=3&t=t&pid=7889458&rv=4r0&es=1&e=gtm.js&eid=3&tc=3&tr=1sp.1html.5html&ti=1sp.1html.1html&z=0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4908867975871926 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4908867975871926?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a22fa3b803eb72fb296c9874eba3d223f727a2a2fd1858e9f5e4871cef45a8a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: aMa5PmXagI04mTAcJ7bRfDCCXpHKTyGuj/wRkKqO4SXUdCrR5KnlejerRhuVDljvt0ntXUsCHaFQVJ8qw6ONFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Apr 2022 22:08:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651270088393
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830442327491061&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1651270088334&sw=1600&sh=1200&v=2.9.57&r=stable&a=wordpress-5.9.3-3.0.6&ec=0&o=30&fbp=fb.1.1651270088333.1829537058&it=1651270088205&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 29 Apr 2022 22:08:08 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 129ms
46ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T0MC8QX2ZT&gtm=2oe4r0&_p=564816372&_z=ccd.NbB&cid=1026053723.1651270088&ul=en-us&sr=1600x1200&_s=1&sid=1651270088&sct=1&seg=0&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democratic%20Party&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 500223356832946 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 89ms
88ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/500223356832946?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2cd96af8e4c6700800058070b365d0c846c4b006518c323a8a15d6312e1aa24

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UFGnmERGbYMstaNrKa4CdaKYE5oa/gVdnnxwAvKzZzJ4ZYj2wssGeEJzkjnAZLyCGZ+6t7XX1LvKuO4/0mBqQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Apr 2022 22:08:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651270088500
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4908867975871926&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1651270088414&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651270088333.1829537058&it=1651270088205&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/ 2 KB
2 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/?random=1651270088439&cv=9&fst=1651270088439&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f052b01e863c69b191f782b5b799cc83b25cfb40925de77eeff26d6070bd4e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=500223356832946&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1651270088518&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651270088333.1829537058&it=1651270088205&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 29 Apr 2022 22:08:08 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/998315148/ 42 B
64 B 249ms
51ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998315148/?random=1651270088439&cv=9&fst=1651269600000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4r0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=4031106530&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998315148/ 42 B
548 B 247ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998315148/?random=1651270088439&cv=9&fst=1651269600000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4r0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=4031106530&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 22:08:08 GMT
Content-Encoding: gzip
Age: 776592
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:39 GMT
Server: ECS (frb/6794)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 14ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 22:08:08 GMT
Content-Encoding: gzip
Age: 776591
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:40 GMT
Server: ECS (frb/669F)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 7 KB
3 KB 171ms
141ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_OHDems_old&dnt=false&domain=ohiodems.org&lang=en&screen_name=OHDems&suppress_response_codes=true&t=1834744&tweet_limit=1&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

aa45658846401a137674d2d725d8315849b06a17d5d19b23196f51b6e786312d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=135
content-length: 2213
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 121
last-modified: Fri, 29 Apr 2022 22:08:08 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 4dbd17b1c583f919f7c7a0b8fc1238e1620ee27e49707f46e77e7d17d40c3727
timing-allow-origin: *
x-transaction: 72cdae9fbc433c6c
expires: Fri, 29 Apr 2022 22:13:08 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 50ms
49ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5N8X83&cv=13&v=3&t=t&pid=7889458&rv=4r0&es=1&e=gtm.dom&eid=5&tc=3&z=0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5B02 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:08:08 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7686 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:08:08 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 8E9A 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 22:08:08 GMT
Content-Encoding: gzip
Age: 776592
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 22:08:08 GMT
Content-Encoding: gzip
Age: 776592
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 dAFiiu_L_normal.jpg
pbs.twimg.com/profile_images/1323436115647434752/ Frame 8E9A 2 KB
2 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1323436115647434752/dAFiiu_L_normal.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:08 GMT
x-content-type-options: nosniff
age: 97938
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2187
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/7 profile_images/1323436115647434752
last-modified: Tue, 03 Nov 2020 01:23:32 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 99ad5ed0b8209ea7fdb207c7c387924b96206a91eb935485681f3daa95b55ad1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame 8E9A 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8E9A 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8E9A 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8E9A 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8E9A 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F322 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:08:09 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
379 B 130ms
130ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fohiodems.org%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ohdems%22%2C%22widget_data_source%22%3A%22profile%3AOHDems%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1651270089132%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=40b8ea3e88631cfa7500903e87c706f5f0526070

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Fri, 29 Apr 2022 22:08:09 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cb8493d397466f4edc75301d473c3f3ae24ff350a6fae942355227797f0126f3
x-transaction: 02e39ecfc05eff72
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 56ms
56ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5N8X83&cv=13&v=3&t=t&pid=7889458&rv=4r0&e=gtm.js&eid=3&tc=3&tr=5sp&ti=1sp&z=0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 22:08:09 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: profile.ngpvan.com
URL: https://profile.ngpvan.com/identity?callback=_jqjsp

Domain: secure.ngpvan.com
URL: https://secure.ngpvan.com/v1/Forms/vGsz3qFuOkqSPswtciZgag2

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohiodems.org/	1970-01-23 18:17:10	Name: optimizelyEndUserId Value: oeu1651270087814r0.615746268300408
.ohiodems.org/	1970-01-23 18:17:10	Name: optimizelySegments Value: %7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D
.ohiodems.org/	1970-01-23 18:17:10	Name: optimizelyBuckets Value: %7B%7D
.ohiodems.org/	1970-01-20 02:41:10	Name: optimizelyPendingLogEvents Value: %5B%5D
.ohiodems.org/	1970-01-20 04:50:46	Name: _fbp Value: fb.1.1651270088333.1829537058
.ohiodems.org/	1970-01-20 20:12:22	Name: _ga_T0MC8QX2ZT Value: GS1.1.1651270088.1.0.1651270088.0
.ohiodems.org/	1970-01-20 20:12:22	Name: _ga Value: GA1.1.1026053723.1651270088
.doubleclick.net/	1970-01-20 02:41:10	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
cdn.syndication.twimg.com
code.jquery.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iwillvote.com
js2.verygoodvault.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
ohiodems.org
pbs.twimg.com
platform.twitter.com
profile.ngpvan.com
secure.ngpvan.com
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
profile.ngpvan.com
secure.ngpvan.com
104.244.42.8
172.217.23.98
18.66.2.76
2001:4de0:ac18::1:a:2b
2600:9000:206f:fa00:12:303c:8700:21
2600:9000:214f:a000:14:79be:a380:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2a00:1450:4001:802::200e
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a02:26f0:3500:889::13b8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2
0cf9ffc91dda654227944dd95794db5e6da7cda47a70267f744e915aa7eb80f4
0d07e46c831f95c741ef1f7e627b68ee66d5f1ebbd85877b92a65730ca53069c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2df9ef350ac1eba6f6c64aa55291d5b26ce61574d796355c8209b5166d5a131c
3319f53417214cbc9f046bd79a2fe8e753cc3f56165ee339ce474a40889bd8f9
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca
39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45cd382e2a44608e6088987139877513b69c7a9306f5ffbd875687d6970958bf
4f6fb0f002054865ca72e6c327468a60effc6e397d805d6b3b6d12bcb38f814f
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
590efdeb757a3a59aae0f32008fe36d91f7ab3e20e0336b2af2be05c0d6700f1
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6fae15b0e79937f4720bfb9b913d86e6df2cc5e78a9ab88398ce38f7e5047fd3
7333e3dd6306694086b298bd67b7dbe4085040a77c828d9bf54c08ada7c524ed
7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51
7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d
7e8729d70284a113dfc7d10ebffe49ad634baa8fd75916b8356c2309ba96673f
8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
96ac70abde3c2954406c67c4c034ef10eec3fefc43ab49c62440179c30adf3c3
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a22fa3b803eb72fb296c9874eba3d223f727a2a2fd1858e9f5e4871cef45a8a4
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62
a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0
aa45658846401a137674d2d725d8315849b06a17d5d19b23196f51b6e786312d
aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1fcae6e7e500b0391b44af1847b07a3ed00f27b0a16d600002b6a1962de1d1
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b99458781298a9a98e615f990c6e70063be85647969eeae50abdcb637d49a10c
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bf903f87d898f573399da576e5fe313b96225298e8a5f17af0dab29516144a46
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e2cd96af8e4c6700800058070b365d0c846c4b006518c323a8a15d6312e1aa24
e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
eeb4bcc0c59dbf6d243fedbb8692051495301e776bd242ca3a756353e65ab05d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef794fa607c386336f5778a26046ed855058eb179b8dd5a5568539098cb62ebe
f052b01e863c69b191f782b5b799cc83b25cfb40925de77eeff26d6070bd4e63
f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97
f97a112994bdf14e3b6ad86c849b3d7a66c7a3d7f518219b28db161b52b5dc25
fe46959fb84c1695d5b8959c5f70100e2949c0c05f00811abe35bcc1c8075a4f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ohiodems.org Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

86 %IPv6

20 Domains

25 Subdomains

22 IPs

3 Countries

3584 kBTransfer

7131 kBSize

8 Cookies

6 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ohiodems.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

86 %
IPv6

20
Domains

25
Subdomains

22
IPs

3
Countries

3584 kB
Transfer

7131 kB
Size

8
Cookies

73 HTTP transactions
5 data transactions