ohiodems.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ohiodems.org/
Submission: On April 22 via api (April 22nd 2022, 10:08:15 pm UTC) from DE — Scanned from DE

Summary HTTP 86 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 86 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:797::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.248.30 18.66.248.30	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:224a:f600:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:219... 2600:9000:2190:6000:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
10	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2600:1480:300... 2600:1480:3000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
86	27

16 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:797::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-30.dus51.r.cloudfront.net

iwillvote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:f600:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:6000:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1480:3000:e5:: (United States)

ASN33905 (AKAMAI-AMS, NL)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ohiodems.org ohiodems.org	698 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 608 syndication.twitter.com — Cisco Umbrella Rank: 889	214 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	521 B
6	gstatic.com www.gstatic.com fonts.gstatic.com	240 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 maps.googleapis.com — Cisco Umbrella Rank: 321	175 KB
5	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1457 pbs.twimg.com — Cisco Umbrella Rank: 691 ton.twimg.com — Cisco Umbrella Rank: 5154	83 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	307 KB
4	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 51675 secure.ngpvan.com — Cisco Umbrella Rank: 58734 fastaction.ngpvan.com — Cisco Umbrella Rank: 124515	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	185 KB
4	cloudfront.net d3rse9xjbp8270.cloudfront.net	372 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 640	77 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6544	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 103	15 KB
1	verygoodvault.com js2.verygoodvault.com — Cisco Umbrella Rank: 63346	24 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 610	30 KB
1	iwillvote.com iwillvote.com — Cisco Umbrella Rank: 396940	1 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 688	67 KB
86	20

	Domain	Requested by
16	ohiodems.org	ohiodems.org
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ohiodems.org
6	www.facebook.com	ohiodems.org
6	platform.twitter.com	ohiodems.org platform.twitter.com
5	fonts.gstatic.com	fonts.googleapis.com
5	connect.facebook.net	ohiodems.org connect.facebook.net
4	www.googletagmanager.com	ohiodems.org d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
4	maps.googleapis.com	ohiodems.org maps.googleapis.com
4	d3rse9xjbp8270.cloudfront.net	ohiodems.org d3rse9xjbp8270.cloudfront.net
2	ton.twimg.com	platform.twitter.com
2	pbs.twimg.com	ohiodems.org
2	syndication.twitter.com	platform.twitter.com
2	secure.ngpvan.com	d3rse9xjbp8270.cloudfront.net ohiodems.org
2	www.google.com	ohiodems.org
2	maxcdn.bootstrapcdn.com	ohiodems.org maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	ohiodems.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	ohiodems.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js2.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	www.gstatic.com	www.google.com
1	code.jquery.com	ohiodems.org
1	iwillvote.com	ohiodems.org
1	cdn.optimizely.com	ohiodems.org
86	28

This site contains links to these domains. Also see Links.

Domain
act.ohiodems.org
store.ohiodems.org
secure.actblue.com
fastaction.ngpvan.com
iwillvote.com
www.facebook.com
votefromabroad.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
iwillvote.com Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-29` - `2022-04-29`	3 months	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-30` - `2023-01-14`	a year	crt.sh
*.verygoodvault.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
pbs.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://ohiodems.org/
Frame ID: FBFF52F84C0A8D7317FE0853C503C25D
Requests: 78 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org
Frame ID: E7EF2E0B4630B248301F0840B5D0D53F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 19C63A773B4D9C638D5011D481AA2651
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1D20A8FFF85A89A2EDA55CBFDB1BCF67
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1515633504415096833/MizNWBgz?format=jpg&name=600x314
Frame ID: AE06733BDDC495EE93AAB478031ABC14
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 15E248C936962A25576CEFE1A29C894D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Democratic Party

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

86
Requests

100 %
HTTPS

85 %
IPv6

20
Domains

28
Subdomains

27
IPs

4
Countries

2517 kB
Transfer

7472 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ohiodems.org/a/odp-volunteer
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://store.ohiodems.org/
Title: Store

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/2021-support/?refcode=websign2021
Title: Donate

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://iwillvote.com/register/?state=OH
Title: Take Action

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems
Title: Ohio Democratic Party

Search URL Search Domain Scan URL

URL: http://votefromabroad.org/
Title: Vote from Abroad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 33 KB
10 KB 1612ms
1423ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0acf53d682ac1c6f258ee17d0b4a8836db6c683d20daafbbede56459b84b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7001ace978789028-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 22:08:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
fastly-restarts: 1
link: <https://ohiodems.org/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALulph9uy1awkjRG4CVTmHW5yTNC0tbkoRgf41Ac2quxinPT8vrhdoOypcMuw4lu0Wd6zTVWST2ksdd7b0DiuopTkjGD4Bcgu0he3r8WO28zQdKeiEG%2FDvCnX542zsd5%2BMRX3DmEuFLskv8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: exinsehpq5
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-fra19157-FRA
x-timer: S1650665279.975941,VS0,VE1187
x-xss-protection: 1

GET
H2 200 338944120.js Show response
cdn.optimizely.com/js/ 199 KB
67 KB 168ms
137ms Script
text/javascript 2a02:26f0:1700:797::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/338944120.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:797::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: 9AYEqhUUMq5Oh9dXr9djn4dBDWYeHi_e
content-encoding: gzip
etag: "90c7ffd1e74889817b8577bb593867c0"
x-amz-request-id: ZDM57M336N0H3K9Y
x-amz-meta-revision: 101
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:1700:797::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 67854
x-amz-id-2: tXaub24I5T6uXwHFUYXvucDR4iLPu1hkWUfQ2UZ04x4mxfU1b6qhQBDqwddC3XwYQqbP7eUgsus=
last-modified: Thu, 01 Mar 2018 22:07:04 GMT
server: AmazonS3
date: Fri, 22 Apr 2022 22:08:00 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 81 KB
12 KB 37ms
29ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 125602
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4077-HHN
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
x-timer: S1650539678.330482,VS0,VE113
x-fw-hash: exinsehpq5
etag: W/"624cb15c-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ibZRUF3QvWsXthOvxgdpbakE6ep06t1bCJ%2B0dbqSh%2B7jwD11PV7WZLAiX%2BMgHwUrVqEE7SXbunKCYmkEB3dJN88h4UhJTPyYo18DvhqwAGIduFyJwkYwTRWxK%2BjmwavJeTmQTxslxEpJAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cbb9028-FRA
x-fw-version: 5.0.0

GET
H2 200 pum-site-styles.css
ohiodems.org/wp-content/uploads/pum/ 17 KB
4 KB 23ms
15ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf903f87d898f573399da576e5fe313b96225298e8a5f17af0dab29516144a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 570932
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4055-HHN
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 12:33:30 GMT
server: cloudflare
x-timer: S1650094348.857676,VS0,VE430
x-fw-hash: exinsehpq5
etag: W/"624c371a-44ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT8QgpUbmQbQiFcUrci2e3lgXY%2FkS6IvMhvMkY8FFyCsUxai%2FHsb%2FUnxPGNsQE1BSE3aJMkMhMiqxjh%2BUOKhxYJ3HiNukTQft%2Byg5R7Lbm3H5Uu%2FtQrxB%2F%2F1EgRGz8XDbZl7r7DlPGPvIGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cbc9028-FRA
x-fw-version: 5.0.0

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 69ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fffc6df3e955cb0426d46fecba4ffd23e605f1da2055b9212bb652a1440dc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 22:08:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 22:08:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 46ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 4622660
cdn-cachedat: 2021-06-08 21:36:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0da3e6fa0421515cbcf5425517fc7012
cf-ray: 7001acf2acd59a35-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main-48ef26500a.css
ohiodems.org/wp-content/themes/ohiodems/dist/styles/ 196 KB
31 KB 35ms
27ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 570933
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4029-HHN
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650094348.858576,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-31152"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUxCGmd8ssLcU7pcOk%2F%2BsynoVnl%2FbcJNbF9UfDtCSeHPfp%2F%2FXbuaGP1MbVNxnDp%2FFsHjkBmjq%2Fp6EF6bJC8eBF2Rm59B7JuJDhGPcQy%2F9nu1YYdRdDtXz9xEi7lUjQwEPao9dsvSnxFsvNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cbf9028-FRA
x-fw-version: 5.0.0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 61ms
21ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

631dd665d698d6f57e419ac9a7de2153e0002a255a1db8dea40da318fad21260

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 widget-v2.css
iwillvote.com/locate/ 3 KB
1 KB 71ms
12ms Stylesheet
text/css 18.66.248.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iwillvote.com/locate/widget-v2.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-30.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 21:27:19 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:24:08 GMT
server: AmazonS3
age: 2442
etag: W/"521f174c960c58b357e753b9e2d5d9b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: BU4APqFspwyNTDowDpnFBmyRWcSdmQ37ClzFU9KjGrJsw6zKIopt0Q==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 843 KB
241 KB 69ms
11ms Script
application/javascript 2600:9000:224a:f600:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b406d2cc4fdd6c4f67848e56eeabc12ede28232e6d390020e35055acd1f514ed

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 14:33:10 GMT
content-encoding: gzip
age: 27291
x-cache: Hit from cloudfront
content-length: 245560
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 14:32:53 GMT
server: AmazonS3
etag: "22e87b100cf6eca31125abc5250f3313"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: Q4t1kQ85bkyihp1f_llHa_hiPHQlWoncOVp9eK7AMxB027g2Asx7uw==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 69ms
11ms Stylesheet
text/css 2600:9000:224a:f600:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321b9a36ae5789d37e5acf19b6d12bd1edf31407f3f28344478d8e8c7c4b7815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 14:33:39 GMT
content-encoding: gzip
age: 27291
x-cache: Hit from cloudfront
content-length: 20669
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 14:32:53 GMT
server: AmazonS3
etag: "637dcf24aa2230e8daea84993b87eb5e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: fcNwUlGG1UqBtd4Bp5EzfvHN2YdHTh82OmotuEw-_vYI5RbUpja8BQ==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 49ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1650665280.dop123.fr8.t,1650665280.cds225.fr8.hn,1650665280.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 core.min.js Show response
ohiodems.org/wp-includes/js/jquery/ui/ 20 KB
7 KB 27ms
20ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 125602
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19127-FRA
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
x-timer: S1650539678.333447,VS0,VE3
x-fw-hash: exinsehpq5
etag: W/"624cb15c-50ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ07cfTO%2Fz5hLFfJtYfY4PEUOZ2oTEDq092%2FUtNjnHikJ5Nb9XuOF0o%2BFqI%2BFyEKunr483Xt1KZ%2FxN9GrGLiE01L9uzzkoAlcve%2ByZKK%2F7o1SxAcrXj%2Ffk50Bg%2B43oBjvHiJdf%2FaHKAjZRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cc09028-FRA
x-fw-version: 5.0.0

GET
H2 200 pum-site-scripts.js Show response
ohiodems.org/wp-content/uploads/pum/ 68 KB
18 KB 24ms
17ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1649162010&ver=1.16.7

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97a112994bdf14e3b6ad86c849b3d7a66c7a3d7f518219b28db161b52b5dc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 570933
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4036-HHN
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 12:33:30 GMT
server: cloudflare
x-timer: S1650094348.858583,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"624c371a-1101b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u77QrkFTQkCzbjAh2lEHP7VKZSarjQJr8klEZBpntyroOsHcO22kp55UDD5O7%2BZTe4JfNTzxF7bg3LaUY69iw5dEAfe%2BQ5Kv0WZek%2BI%2FRSYAasCGl1NCTMTflU4%2FAdhLzljCLttMZ8GaDSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cc29028-FRA
x-fw-version: 5.0.0

GET
H2 200 modernizr-8895641e34.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 11 KB
5 KB 25ms
18ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/modernizr-8895641e34.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 125602
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4034-HHN
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650539678.337524,VS0,VE432
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-2af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzlPK9YHLQ78EH8kCtShqZdKvjfhVwhJUk3gYXpVjYZQmlOKSVopuYT50tBiqINtKZcaFNJY3cG1338lheeAmIeVm63fM9LAutbc4VPgU7SQnJXt%2BcYb7WAbl2JvvRoDlJ1WWuy7YssY6X0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cc49028-FRA
x-fw-version: 5.0.0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 158 KB
52 KB 91ms
49ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

85916579e50ad5dd5e61c2e521f9eaadd8ca03fa60d94764b14c16533b7b6d76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52928
x-xss-protection: 0
expires: Fri, 22 Apr 2022 22:38:00 GMT

GET
H2 200 main-a16b202eb3.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 197 KB
53 KB 27ms
21ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/main-a16b202eb3.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 570932
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19148-FRA
x-fw-type: FLYWHEEL_BOT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
x-timer: S1650094348.858189,VS0,VE226
x-fw-hash: exinsehpq5
etag: W/"60c7bc3b-3125f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUlMgAlqDklEPqWLPGpTIqcACxz3kvKBoYNT9%2FnZ2l3ts8%2FW5EhetmocBe2T7wrt9e0OVD4av9xbriF6NueqlKHxuYtzfPkt28m2339d6o7gJ6FIQP4o1clgw2rP7n8tSASN3cgal8mjkGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf28cc79028-FRA
x-fw-version: 5.0.0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 32ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 22:08:00 GMT
Content-Encoding: gzip
Age: 645
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (frb/6772)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 css
fonts.googleapis.com/ 2 KB
525 B 52ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1649162010&ver=1.16.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 20:21:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 22:08:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ 364 KB
145 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 20:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 20:00:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 65ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6141ee63d3796612130280197e1b684aab78b39402157bdffc55dbc61ff9b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33133
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 7Aqx1xHD7m69/DKrLhvH6LoAqeM0k+SZQEtmsYsCFIrin2WIRsLYSKcr6SMbflFmtOulBUhDdFio7Yiyh2zVSA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 22 Apr 2022 22:08:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
43 KB 48ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19d81d3a837c0874eeb9b3fb1fbb502d275e006f06d122dede7444a0dc7bab2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43746
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H3 200 logo.png
ohiodems.org/wp-content/themes/ohiodems/dist/images/ 4 KB
5 KB 466ms
466ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/themes/ohiodems/dist/images/logo.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19145-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Jun 2021 20:29:46 GMT
server: cloudflare
x-timer: S1650665281.706962,VS0,VE432
x-fw-hash: exinsehpq5
etag: W/"60c7bc3a-1102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6zOnkXRAOAAuUEte6aQ3%2Fy0x5zmXeYm5TYPG15NZtUYjLWIiXWwpszUR6eMq04xih0qMCPZpTxascmjh8Wl6NBDHK03LgA8okAqZ5Tym3xEPcvs6xHJH%2B5ZV3l%2FQbBdue0Wkxm8Sx2lRMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf44dfc5b8c-FRA
x-fw-version: 5.0.0

GET
H3 200 video-still.jpg
ohiodems.org/wp-content/uploads/2018/10/ 389 KB
390 KB 936ms
936ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2018/10/video-still.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19127-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Oct 2018 18:43:46 GMT
server: cloudflare
x-timer: S1650665281.715477,VS0,VE888
x-fw-hash: exinsehpq5
etag: W/"5bc63162-61537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcCckMDIoRYzbKlrD1XT4w5%2FtE0XFnh7m4fyFoNt8spJrczg9w8rpm8942hlohf9nWeKcvhK0p07HkiNF2Hb%2FTdY0y98EKI7ZgKTsnDxS2eH8vmrCKAoWGVkbbU6GtXZTn%2Bya37KHWXPlOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf44dfd5b8c-FRA
x-fw-version: 5.0.0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 187768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:58:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 187901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:56:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 63ms
28ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:31:09 GMT
x-content-type-options: nosniff
age: 74211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:31:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 69ms
34ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:53:46 GMT
x-content-type-options: nosniff
age: 72854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:53:46 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 49ms
35ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 88890
cdn-proxyver: 1.02
cdn-cachedat: 04/08/2022 21:01:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "926c93d201fe51c8f351e858468980c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e3888cd7dd78d618588a541586e53393
accept-ranges: bytes
cf-ray: 7001acf478a291fb-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 meta-runforoffice-295x115.png
ohiodems.org/wp-content/uploads/2015/09/ 48 KB
49 KB 674ms
673ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2015/09/meta-runforoffice-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4026-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Sep 2019 16:02:16 GMT
server: cloudflare
x-timer: S1650665281.734148,VS0,VE648
x-fw-hash: exinsehpq5
etag: W/"5d713188-bf1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usxRF8XCozl4UaLdtcVeNhwTGJu6j5D4RCCLpHiE7mKQFed2yhf6NhTWOPPK8uFfeWthUWCCQidooH%2Fnr%2BVMNS%2BfqumEmBxT1HTLrkNohE%2BagBgdCd3y%2FAt1ZjOWPZbGPl6262HtH6oRpYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf47e315b8c-FRA
x-fw-version: 5.0.0

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 157 KB
0 691ms
691ms Media
video/mp4 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range: bytes=0-

Response headers

x-fw-static: NO
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
Content-Range: bytes 0-1334062/1334063
x-cache-hits: 0
vary: Authorization, Accept-Encoding
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19150-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
x-timer: S1650665281.739159,VS0,VE659
x-fw-hash: exinsehpq5
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juEckAsFw%2B4BFzVUej4aLOaIx6Zd%2BGBcNr2Bzt3KKtnrrzkDegmZwUBgMRqzguMyO5iErJEH%2FWS9eWHXCsrBUQHXyPyjp2InasqDKYlgwsiuK9ASFk6Xa3t8o8qUNGL7TMP5mkArE9uD3fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
Content-Length: 1334063
cf-ray: 7001acf48e345b8c-FRA
x-fw-version: 5.0.0

GET
H3 200 UPDATEDmask-295x115.png
ohiodems.org/wp-content/uploads/2018/10/ 23 KB
24 KB 46ms
45ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2018/10/UPDATEDmask-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4025-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Jun 2020 14:49:05 GMT
server: cloudflare
x-timer: S1650665281.756036,VS0,VE2
x-fw-hash: exinsehpq5
etag: W/"5ed7b861-5d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYC8%2BzbhHamDGLL%2BAVVak73oVQeZSEQittcCVOvuWRiRY9XTIm3cfsYaYEHYnMRzT7Pil024JHOvhyYcCHLtr%2FHfYKGIxY5W7kz0Ol0NbxNOQbiPLswEX76Xjhg1Ek7oHVbPaMXn0HblokE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf4ae425b8c-FRA
x-fw-version: 5.0.0

GET
H3 200 DSC_0011-1-295x115.png
ohiodems.org/wp-content/uploads/2019/09/ 67 KB
68 KB 353ms
352ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiodems.org/wp-content/uploads/2019/09/DSC_0011-1-295x115.png

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19147-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 23:56:37 GMT
server: cloudflare
x-timer: S1650665281.760044,VS0,VE323
x-fw-hash: exinsehpq5
etag: W/"5f07aeb5-10c5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OZ%2BmJAcVfnOGexbvvM3dgNq0py6gojjvf%2FNt8dxLXJuJxBXyaCxvr%2FHs2QJZgwKT18wGPn8lSWeR8aUe3nAW%2BxOSP7efkTymlXdoWc4qR8qyVzwt1MGf%2B1vfsd8eFbDgKRtW4hQzBy4Su4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 7001acf4ae455b8c-FRA
x-fw-version: 5.0.0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 57ms
28ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
43 KB 71ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af504c4d74dcd34dc54571eaa09d299cc7ca2c4ebfdc66a02061258ad39c57a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43650
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
16 KB 11ms
10ms Stylesheet
text/css 2600:9000:224a:f600:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85a09f0bbb280312bff0e4f79e942191a1dfddcbcef85132c583c288d404a740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 14:33:40 GMT
content-encoding: gzip
age: 27300
x-cache: Hit from cloudfront
content-length: 15866
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 14:32:53 GMT
server: AmazonS3
etag: "78b6992f49ffe45348251c5c730521a5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: P5MSCQGfxCgywn31EDyuFmUQM-y1bcmKYOdLiuQIXzIQLWCC-QmVaw==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
767 B 409ms
361ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-iinfo: 14-114451375-114451380 NNNN CT(85 176 0) RT(1650665280178 11) q(0 0 3 0) r(4 4) U5
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame E7EF 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 171781
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Apr 2022 22:08:00 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BC)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 125ms
47ms Script
application/javascript 2600:9000:2190:6000:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6000:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
Age: 30
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 22 Apr 2022 22:07:34 GMT
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: PwXbIGFmeeI8LUDoHJdtwO3XwJ2o0Z8OFgo18b_stvt-0MmenxYavQ==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2 Show response
secure.ngpvan.com/v1/Forms/ 2 KB
2 KB 477ms
449ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/vGsz3qFuOkqSPswtciZgag2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-114451375-114449528 2NNN RT(1650665280178 48) q(0 0 0 1) r(4 4)
vary: Origin,Accept-Encoding
content-length: 1299
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: izTVV+dcGqQq7vNHfMg2H/m3P0ahNpAuddNbq+bQ7N/Q2nRZC7IHDawHz8qaHWfVip6mHCT3FAKwsPTlaPy3YQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Apr 2022 22:08:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 830442327491061 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 96ms
87ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/830442327491061?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b99458781298a9a98e615f990c6e70063be85647969eeae50abdcb637d49a10c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: MSil7FvRc+2r8EUfCFCUlADdDadim3DhBG4Ujq2nuC2muUnAkg7YgxCQ3bDvr6Rt8qtHM58beyIley/HYyE1Ew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Apr 2022 22:08:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650665280987
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c794481b347eacdc6180e321db52a7b7c41035e56c8fcb321a49094e01649b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67822
x-xss-protection: 0
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 73ms
27ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:08:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E7EF 169 B
424 B 204ms
123ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6a1f23b2579eee11817819177c6ad78180273d14

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fohiodems.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-response-time: 114
date: Fri, 22 Apr 2022 22:08:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 22:08:01 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 0903c42df904b1b420d3a83eca81f9a193e9aed20b27397a21c9b2665168c457
content-length: 143

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 72ms
23ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T0MC8QX2ZT&gtm=2oe4k0&_p=1149865948&_z=ccd.NbB&cid=1050760682.1650665281&ul=en-us&sr=1600x1200&_s=1&sid=1650665280&sct=1&seg=0&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democratic%20Party&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4908867975871926 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4908867975871926?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a22fa3b803eb72fb296c9874eba3d223f727a2a2fd1858e9f5e4871cef45a8a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jHFs0BIXpQlkdQFEUmIaP07iWxZNSwArugayEXQ9j+XHnI3wWzBLv8gM/m380Yc+elcUKkDInEc2xTJlWpngKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Apr 2022 22:08:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650665281081
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830442327491061&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1650665281027&sw=1600&sh=1200&v=2.9.57&r=stable&a=wordpress-5.9.3-3.0.6&ec=0&o=30&fbp=fb.1.1650665281018.508661149&it=1650665280893&coo=false&exp=p1&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Apr 2022 22:08:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/ 2 KB
2 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/?random=1650665281034&cv=9&fst=1650665281034&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c771968d1978fff4c40b56d69fff197a2fcfe202f760a97cef646a501c6e833f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 500223356832946 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 156ms
156ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/500223356832946?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2cd96af8e4c6700800058070b365d0c846c4b006518c323a8a15d6312e1aa24

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: EJiDGNeFp8MGY9pU+Rmajgm+mDZ9qAuGf4UWoAHIYUfSiMuZBSRrrtPZgsrJmsaxdVxaQjDMnNiAxjgDc5XFSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Apr 2022 22:08:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650665281257
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4908867975871926&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1650665281104&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650665281018.508661149&it=1650665280893&coo=false&exp=p1&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 22 Apr 2022 22:08:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/998315148/ 42 B
64 B 57ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998315148/?random=1650665281034&cv=9&fst=1650664800000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=444629924&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998315148/ 42 B
548 B 69ms
25ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998315148/?random=1650665281034&cv=9&fst=1650664800000&num=1&label=6pLRCNqVxmUQjKmE3AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=444629924&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 22:08:01 GMT
Content-Encoding: gzip
Age: 171785
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:39 GMT
Server: ECS (frb/6794)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 17ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 22:08:01 GMT
Content-Encoding: gzip
Age: 171782
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:40 GMT
Server: ECS (frb/6772)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 11 KB
4 KB 465ms
158ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_OHDems_old&dnt=false&domain=ohiodems.org&lang=en&screen_name=OHDems&suppress_response_codes=true&t=1834072&tweet_limit=1&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

5f63d8779e9570927f01dc9aad8f4738f3bfb257d196d54910bb3cf40547eedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=147
content-length: 3294
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 132
last-modified: Fri, 22 Apr 2022 22:08:01 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ", VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 4251037e5495fa3cd9144f78e2d82d5bc5b8af3752d53a7dee57d26780a84365
timing-allow-origin: *
x-transaction: e9c1e74dbd7f92aa
expires: Fri, 22 Apr 2022 22:13:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=500223356832946&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1650665281274&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650665281018.508661149&it=1650665280893&coo=false&exp=p1&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 22 Apr 2022 22:08:01 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1991
date: Fri, 22 Apr 2022 21:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Apr 2022 23:34:50 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
820 B 403ms
375ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1650665281338=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

16b8899186ae132656e221c4c72988322236f228dfc0fc1e69b7064ff876d47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding,Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 14-114451375-114451553 NNNN CT(87 174 0) RT(1650665280178 529) q(0 0 2 2) r(3 3) U4
date: Fri, 22 Apr 2022 22:08:01 GMT
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 296
etag: W/"b6-M9bfx7GQhFnh+ViNXwZuWVfC70I"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 11ms
10ms Font
application/font-woff2 2600:9000:224a:f600:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:40:22 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
age: 52094
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: mMaqqESINL_nT1jivpIpTRhBiDPM-31NGGUBIfIXjgRu76eLvN_1iw==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2
secure.ngpvan.com/v1/Track/ 0
367 B 113ms
113ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/vGsz3qFuOkqSPswtciZgag2?formSessionId=cfc6d4fc-f8ab-4809-9063-070eb6861e0d&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9vaGlvZGVtcy5vcmcv&fRef=

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:00 GMT
x-content-type-options: nosniff
expires: -1
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-114451375-114451551 NNNY CT(86 175 0) RT(1650665280178 523) q(0 0 0 3) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 47ms
17ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:57:41 GMT
x-content-type-options: nosniff
age: 72620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17484
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:57:41 GMT

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 23 KB
24 KB 27ms
26ms Media
video/mp4 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range: bytes=1310720-

Response headers

x-fw-static: NO
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 0
x-fw-server: Flywheel/5.1.0
x-cache: MISS
Content-Range: bytes 1310720-1334062/1334063
x-cache-hits: 0
vary: Authorization, Accept-Encoding
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19150-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
x-timer: S1650665281.739159,VS0,VE659
x-fw-hash: exinsehpq5
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrKiSrf41a8whPRZ9cXM%2B7Fr19CT8DKu6fT7ckcKysTN%2BTWExJ%2Bm1l9%2Bnmy8wtUseIiy%2BybQP5yGPidLAmnIrFXEuEDEzgOl5DF9mBzvp8ttz06sSUpxZAxi4uUfxNHqYmsHD1xT2dp0cmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
Content-Length: 23343
cf-ray: 7001acf8faa75b8c-FRA
x-fw-version: 5.0.0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 20ms
20ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=481&_u=YADAAEABAAAAAC~&jid=425991438&gjid=2039750750&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&_r=1&gtm=2wg4k05L2FSL&z=1995763375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 397ms
348ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=1050760682.1650665281&jid=1767114638&gjid=1941506141&_gid=698640677.1650665281&_u=YCDAgEABAAAAAG~&z=1800099298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Apr 2022 22:08:01 GMT
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAC~&jid=1767114638&gjid=1941506141&cid=1050760682.1650665281&tid=UA-28243511-23&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=1535518347

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=event&ni=1&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=3&_u=YCDAgEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-23&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=646556757

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=6&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&z=1671481723

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=12&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&z=1643549794

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=2&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&z=27096174

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=505&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&z=376654553

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149865948&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=563&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1050760682.1650665281&tid=UA-28243511-22&_gid=698640677.1650665281&gtm=2wg4k05L2FSL&z=1995918314

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 18:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 1 MB
0 21ms
20ms Media
video/mp4 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range: bytes=131072-

Response headers

x-fw-static: NO
date: Fri, 22 Apr 2022 22:08:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 0
x-fw-server: Flywheel/5.1.0
x-cache: MISS
Content-Range: bytes 131072-1334062/1334063
x-cache-hits: 0
vary: Authorization, Accept-Encoding
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra19150-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
x-timer: S1650665281.739159,VS0,VE659
x-fw-hash: exinsehpq5
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53io1DJwEwHYa%2BZTZPR8cW8MOpPI2yhzXP4%2BtN8wkPcoH06BLth851FhGiIbMzi0ynVd%2FSn90wNda%2FQHi2aemaqisAehMihVwQgP5JNop1CDuR%2F0rlU8%2FU2Z6zO8MLiaoOeABU1xcaSbUfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
Content-Length: 1202991
cf-ray: 7001acf9ac255b8c-FRA
x-fw-version: 5.0.0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 19C6 0
15 B 27ms
25ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 22:08:01 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1D20 0
15 B 20ms
19ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 22:08:01 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 MizNWBgz
pbs.twimg.com/card_img/1515633504415096833/ Frame AE06 25 KB
25 KB 389ms
317ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1515633504415096833/MizNWBgz?format=jpg&name=600x314

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

39ced3142799eb86b7b87f189dac913e6207612f07fffd0871d1357adb95fc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=95.101.78.85,b=121238005,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 25330
x-response-time: 51
last-modified: Sun, 17 Apr 2022 10:07:21 GMT
server: tsa_a
date: Fri, 22 Apr 2022 22:08:02 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3ca618465fd4989c0df4c104044782a641c3e961db39c4a4f862e29cec13288
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame AE06 53 KB
12 KB 14ms
13ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 22:08:01 GMT
Content-Encoding: gzip
Age: 171785
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 14ms
14ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 22:08:01 GMT
Content-Encoding: gzip
Age: 171785
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 dAFiiu_L_normal.jpg
pbs.twimg.com/profile_images/1323436115647434752/ Frame AE06 2 KB
3 KB 152ms
108ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1323436115647434752/dAFiiu_L_normal.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=95.101.78.85,b=121238006,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_NJ_SECAUCUS,o=20940],[c=w,n=US_NJ_SECAUCUS,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2187
x-response-time: 20
last-modified: Tue, 03 Nov 2020 01:23:32 GMT
server: tsa_b
date: Fri, 22 Apr 2022 22:08:01 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 747b4c1a7549c4bb01faa1c61c9c1afd54e9f467159a5f80f134394c10e95695
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame AE06 44 KB
7 KB 42ms
8ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124785
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 1864f28c81ab35589c2193fe644c8a49d99fa70c21e2284c428d7be4b92013fe
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 29 Apr 2022 22:08:01 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 48ms
14ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124785
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 1864f28c81ab35589c2193fe644c8a49d99fa70c21e2284c428d7be4b92013fe
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 29 Apr 2022 22:08:01 GMT

GET
DATA 200
OK truncated
/ Frame AE06 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AE06 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AE06 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AE06 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AE06 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 15E2 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ohiodems.org
Referer: https://ohiodems.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ohiodems.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 22:08:01 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
357 B 126ms
125ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fohiodems.org%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ohdems%22%2C%22widget_data_source%22%3A%22profile%3AOHDems%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650665281842%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=6a1f23b2579eee11817819177c6ad78180273d14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 22 Apr 2022 22:08:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0903c42df904b1b420d3a83eca81f9a193e9aed20b27397a21c9b2665168c457
x-transaction: e4a684370ea4286d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/10/intl/de_ALL/ 82 KB
30 KB 48ms
20ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/10/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585eac76ebafa3fd2bd62e2e5a38798e0d5705b4e8c332a91d63e5bd0924e025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30524
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 19:49:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 18:53:20 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/10/intl/de_ALL/ 308 KB
92 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/10/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddff2fc030e835a876bfe0c87adb7f984644d0a76b277a299766ebe70163321b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93838
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 19:49:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 18:53:20 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohiodems.org/	1970-01-23 18:07:05	Name: optimizelyEndUserId Value: oeu1650665280595r0.8556847785383974
.ohiodems.org/	1970-01-23 18:07:05	Name: optimizelySegments Value: %7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D
.ohiodems.org/	1970-01-23 18:07:05	Name: optimizelyBuckets Value: %7B%7D
.ohiodems.org/	1970-01-20 02:31:05	Name: optimizelyPendingLogEvents Value: %5B%5D
.ohiodems.org/	1970-01-20 20:02:17	Name: _ga_T0MC8QX2ZT Value: GS1.1.1650665280.1.0.1650665280.0
.ohiodems.org/	1970-01-20 04:40:41	Name: _fbp Value: fb.1.1650665281018.508661149
.doubleclick.net/	1970-01-20 02:31:06	Name: test_cookie Value: CheckForPermission
.profile.ngpvan.com/	1970-01-20 02:31:08	Name: TiPMix Value: 71.63546945856577
.profile.ngpvan.com/	1970-01-20 02:31:08	Name: x-ms-routing-name Value: self
.secure.ngpvan.com/	1970-01-20 02:31:08	Name: TiPMix Value: 34.37815425985289
.secure.ngpvan.com/	1970-01-20 02:31:08	Name: x-ms-routing-name Value: self
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: Ax3NB4/rnXJ1MmrC0IOYSwAAAAD2Mlype5FxAgB3gv+CSC1+
.ohiodems.org/	1970-01-20 20:02:17	Name: _ga Value: GA1.2.1050760682.1650665281
.ohiodems.org/	1970-01-20 02:32:31	Name: _gid Value: GA1.2.698640677.1650665281
.ohiodems.org/	1970-01-20 02:31:05	Name: _gat_UA-28243511-22 Value: 1
.ohiodems.org/	1970-01-20 02:31:05	Name: _dc_gtm_UA-28243511-23 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
cdn.syndication.twimg.com
code.jquery.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iwillvote.com
js2.verygoodvault.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
ohiodems.org
pbs.twimg.com
platform.twitter.com
profile.ngpvan.com
secure.ngpvan.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.72
142.250.185.226
18.66.248.30
2001:4de0:ac18::1:a:1b
2600:1480:3000:e5::
2600:9000:2190:6000:14:79be:a380:93a1
2600:9000:224a:f600:12:303c:8700:21
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9c
2a02:26f0:1700:797::13b8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::7
45.60.33.183
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16b8899186ae132656e221c4c72988322236f228dfc0fc1e69b7064ff876d47e
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19d81d3a837c0874eeb9b3fb1fbb502d275e006f06d122dede7444a0dc7bab2a
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772
321b9a36ae5789d37e5acf19b6d12bd1edf31407f3f28344478d8e8c7c4b7815
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca
39ced3142799eb86b7b87f189dac913e6207612f07fffd0871d1357adb95fc67
39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
585eac76ebafa3fd2bd62e2e5a38798e0d5705b4e8c332a91d63e5bd0924e025
5a0acf53d682ac1c6f258ee17d0b4a8836db6c683d20daafbbede56459b84b56
5f63d8779e9570927f01dc9aad8f4738f3bfb257d196d54910bb3cf40547eedb
631dd665d698d6f57e419ac9a7de2153e0002a255a1db8dea40da318fad21260
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6fffc6df3e955cb0426d46fecba4ffd23e605f1da2055b9212bb652a1440dc65
7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51
7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130
85916579e50ad5dd5e61c2e521f9eaadd8ca03fa60d94764b14c16533b7b6d76
85a09f0bbb280312bff0e4f79e942191a1dfddcbcef85132c583c288d404a740
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22fa3b803eb72fb296c9874eba3d223f727a2a2fd1858e9f5e4871cef45a8a4
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9
a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
aa5fde55a9650051343a8a6e018d6103b7e807d700b23a09978834b7a1e7ffa6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af504c4d74dcd34dc54571eaa09d299cc7ca2c4ebfdc66a02061258ad39c57a4
b406d2cc4fdd6c4f67848e56eeabc12ede28232e6d390020e35055acd1f514ed
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b99458781298a9a98e615f990c6e70063be85647969eeae50abdcb637d49a10c
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bf903f87d898f573399da576e5fe313b96225298e8a5f17af0dab29516144a46
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c771968d1978fff4c40b56d69fff197a2fcfe202f760a97cef646a501c6e833f
c794481b347eacdc6180e321db52a7b7c41035e56c8fcb321a49094e01649b9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d6141ee63d3796612130280197e1b684aab78b39402157bdffc55dbc61ff9b34
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
ddff2fc030e835a876bfe0c87adb7f984644d0a76b277a299766ebe70163321b
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0
e2cd96af8e4c6700800058070b365d0c846c4b006518c323a8a15d6312e1aa24
e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc
f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97
f97a112994bdf14e3b6ad86c849b3d7a66c7a3d7f518219b28db161b52b5dc25
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ohiodems.org Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

85 %IPv6

20 Domains

28 Subdomains

27 IPs

4 Countries

2517 kBTransfer

7472 kBSize

16 Cookies

12 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ohiodems.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

85 %
IPv6

20
Domains

28
Subdomains

27
IPs

4
Countries

2517 kB
Transfer

7472 kB
Size

16
Cookies

86 HTTP transactions
6 data transactions