www.demconvention.com Open in urlscan Pro
192.0.66.208 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.demconvention.com/
Submission: On August 28 via manual (August 28th 2020, 9:22:54 am UTC) from DE

Summary HTTP 59 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 17 domains to perform 59 HTTP transactions. The main IP is 192.0.66.208, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.demconvention.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 15th 2020. Valid for: 3 months.

This is the only time www.demconvention.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	192.0.66.208 192.0.66.208	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.128.194.224 108.128.194.224	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:396::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	54.160.143.236 54.160.143.236	14618 (AMAZON-AES) (AMAZON-AES)
1	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	3.221.126.143 3.221.126.143	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
3	52.216.27.84 52.216.27.84	16509 (AMAZON-02) (AMAZON-02)
1 1	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f24... 2a03:2880:f246:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
59	19

15 192.0.66.208 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.demconvention.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.194.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-194-224.eu-west-1.compute.amazonaws.com

addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:396::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.160.143.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-143-236.compute-1.amazonaws.com

cdn.curator.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.255.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.126.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-126-143.compute-1.amazonaws.com

api.curator.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.27.84 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

curatorio.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f246:ca:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-hel2-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	demconvention.com www.demconvention.com	730 KB
9	typekit.net use.typekit.net p.typekit.net	179 KB
8	twimg.com pbs.twimg.com	423 KB
6	curator.io cdn.curator.io api.curator.io	86 KB
5	google-analytics.com 1 redirects www.google-analytics.com ssl.google-analytics.com	36 KB
3	amazonaws.com curatorio.s3.amazonaws.com	281 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	cdninstagram.com scontent-hel2-1.cdninstagram.com	96 KB
1	instagram.com 1 redirects www.instagram.com	1 KB
1	doubleclick.net stats.g.doubleclick.net	442 B
1	googleapis.com fonts.googleapis.com	873 B
1	addthisedge.com v1.addthisedge.com	325 B
1	moatads.com z.moatads.com	1 KB
1	youtube.com www.youtube.com
1	addevent.com addevent.com	8 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
59	17

	Domain	Requested by
15	www.demconvention.com	www.demconvention.com
8	pbs.twimg.com
8	use.typekit.net	www.demconvention.com use.typekit.net
5	cdn.curator.io	www.demconvention.com cdn.curator.io
3	curatorio.s3.amazonaws.com
3	www.google-analytics.com	www.googletagmanager.com www.demconvention.com
2	ssl.google-analytics.com	1 redirects www.demconvention.com
2	s7.addthis.com	www.demconvention.com s7.addthis.com
1	scontent-hel2-1.cdninstagram.com
1	www.instagram.com	1 redirects
1	api.curator.io	cdn.curator.io
1	stats.g.doubleclick.net	www.demconvention.com
1	fonts.googleapis.com	www.demconvention.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	pixel.wp.com	www.demconvention.com
1	z.moatads.com	s7.addthis.com
1	p.typekit.net	use.typekit.net
1	www.youtube.com	www.demconvention.com
1	stats.wp.com	www.demconvention.com
1	addevent.com	www.demconvention.com
1	www.googletagmanager.com	www.demconvention.com
59	22

This site contains links to these domains. Also see Links.

Domain
dncstore.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.snapchat.com
www.twitter.com
t.co
wideeye.co
wpvip.com

Subject Issuer	Validity	Valid
demconvention.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
addevent.com Amazon	`2020-03-13` - `2021-04-13`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.curator.io Amazon	`2020-04-21` - `2021-05-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-07-09` - `2020-10-07`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.demconvention.com/
Frame ID: 81D0B224D4AB740D79A24D517253E961
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/j578HetKqtQ?feature=oembed
Frame ID: 9C3729CDFC1033A23B1204DFC19643D8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3650E059E8E0B3806B88727ED0567791
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C2EE1EC0E79C8DE7CDD2610752CBB451
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

59
Requests

98 %
HTTPS

58 %
IPv6

17
Domains

22
Subdomains

19
IPs

6
Countries

1989 kB
Transfer

12798 kB
Size

15
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://dncstore.com/
Title: StoreOpens in a new window

Search URL Search Domain Scan URL

URL: https://www.facebook.com/demconvention
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/DemConvention
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/demconvention/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/demconvention
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/demconvention
Title: Snapchat

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=WfO4jxvcPQM
Title: ASL

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dj578HetKqtQ&t=
Title: Share this Video on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dj578HetKqtQ&text=Democratic%20National%20Convention:%20Day%204&via=DemConvention
Title: Share this Video on Twitter

Search URL Search Domain Scan URL

URL: https://www.twitter.com/JoeBiden
Title: Joe Biden

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23DemConvention
Title: #DemConvention

Search URL Search Domain Scan URL

URL: https://t.co/SyIBZuP8mW
Title: https://t.co/SyIBZuP8mW

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden/statuses/1296640164274548737
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23DemConvention.
Title: #DemConvention.

Search URL Search Domain Scan URL

URL: https://t.co/K6ESiCUYp1
Title: https://t.co/K6ESiCUYp1

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden/statuses/1296609210252304386
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://www.twitter.com/DemConvention
Title: 2020 #DemConvention ??

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden
Title: @JoeBiden

Search URL Search Domain Scan URL

URL: https://t.co/NEJtNqxFPV
Title: https://t.co/NEJtNqxFPV

Search URL Search Domain Scan URL

URL: https://t.co/TkL0Rx0VzL
Title: https://t.co/TkL0Rx0VzL

Search URL Search Domain Scan URL

URL: https://twitter.com/DemConvention/statuses/1296515508917936130
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://t.co/MMP6gCDeJS
Title: https://t.co/MMP6gCDeJS

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden/statuses/1296632614636253184
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://t.co/Vxch9xBxz7
Title: https://t.co/Vxch9xBxz7

Search URL Search Domain Scan URL

URL: https://t.co/xG4JRePFDE
Title: https://t.co/xG4JRePFDE

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden/statuses/1296527421391298560
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://twitter.com/StaceyAbrams
Title: @StaceyAbrams

Search URL Search Domain Scan URL

URL: https://twitter.com/Tim_Walz
Title: @Tim_Walz

Search URL Search Domain Scan URL

URL: https://twitter.com/AndyBeshearKY
Title: @AndyBeshearKY

Search URL Search Domain Scan URL

URL: https://twitter.com/Tony4WI
Title: @Tony4WI

Search URL Search Domain Scan URL

URL: https://twitter.com/GretchenWhitmer
Title: @GretchenWhitmer

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23DemGovsGetItDone
Title: #DemGovsGetItDone

Search URL Search Domain Scan URL

URL: https://t.co/oFL9su88G4
Title: https://t.co/oFL9su88G4

Search URL Search Domain Scan URL

URL: https://twitter.com/DemConvention/statuses/1296487239984316424
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://t.co/fRAr5Mijst
Title: https://t.co/fRAr5Mijst

Search URL Search Domain Scan URL

URL: https://twitter.com/JoeBiden/statuses/1296621289935781889
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://www.facebook.com/search/top/?q=%23DemConvention
Title: #DemConvention

Search URL Search Domain Scan URL

URL: https://www.facebook.com/5550624217/posts/10159352590389218/
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://www.instagram.com/JoeBiden/
Title: @JoeBiden

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/tags/DemConvention./
Title: #DemConvention.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CEHwXAdgTct/
Title: 1 week ago

Search URL Search Domain Scan URL

URL: https://wideeye.co/
Title: Wide Eye

Search URL Search Domain Scan URL

URL: https://wpvip.com/
Title: WordPress VIP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1867947003&utmhn=www.demconvention.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=2020%20Democratic%20National%20Convention&utmhid=1247623766&utmr=-&utmp=%2F&utmht=1598606553861&utmac=UA-76676252-1&utmcc=__utma%3D119275804.1253146622.1598606553.1598606554.1598606554.1%3B%2B__utmz%3D119275804.1598606554.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=684111580&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76676252-1&cid=1253146622.1598606553&jid=684111580&_v=5.7.2&z=1867947003

Request Chain 55

https://www.instagram.com/p/CEHwXAdgTct/media/?size=l HTTP 302
https://scontent-hel2-1.cdninstagram.com/v/t51.2885-15/e35/118054820_692608728136029_9097510449946012554_n.jpg?_nc_ht=scontent-hel2-1.cdninstagram.com&_nc_cat=109&_nc_ohc=JZXVyzVEKvQAX8rIhmU&oh=cd228a58489292a9eb9236ec675ee3cd&oe=5F713D33

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.demconvention.com/ 126 KB
29 KB 157ms
46ms Document
text/html 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: e014be4ee9aa1f782221f8ba4a2b816b958ddb2bd6a3a02d820b5967d3f19797

Request headers

:method: GET
:authority: www.demconvention.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 28 Aug 2020 09:22:33 GMT
content-type: text/html; charset=UTF-8
content-length: 29336
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.demconvention.com/wp-json/>; rel="https://api.w.org/" <https://www.demconvention.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json" <https://www.demconvention.com/>; rel=shortlink
content-encoding: gzip
x-rq: fra2 119 78 3128
cache-control: max-age=300, must-revalidate
age: 1770
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes

GET
H2 200 /
www.demconvention.com/_static/ 685 KB
92 KB 55ms
54ms Stylesheet
text/css 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/_static/??-eJx1jkFqw0AMRS9URRjahCxKzzJRZFutZixGGkJ6+o5Nsgi4O/H5X+/hzYCWElwCTdskxZGax5IhbhLBFUbmK5L3PEbwuCv7IUs59OgNd+YuwVbZHXLTEJUytaRA2TE4m6ZgR01rOjF4p9DMtUc8JbqDigfMS5Xf/jcpbsT/YZwqzTCKrqpWF7R2USFM7hy+eb90dtVj5tylrFVTfk4vTfT6wO+NcoOnxTeHJfrZaI97rX/lz+HjfDoez+/D8Afv6YkN
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 679f73616e33ef75ef1925e195a946cbfdff297f16137badf56b44b58f721021

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 116 182 3080
last-modified: Tue, 18 Aug 2020 00:47:14 GMT
server: nginx
age: 183571
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 94459

GET
H2 200 / Show response
www.demconvention.com/_static/ 188 KB
58 KB 92ms
91ms Script
application/x-javascript 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/_static/??-eJylzsEKwjAQBNAfMl0CWulB/JZ2u9oN2yRms4h/b7Beei4MzGV4DLyz44hiMymElpdR+fyrC3qCNsAUK8UKWezJUUFpLLi4B0ul4nJJkG0SRhhVqf6c/WQylrlbOR4QcUlKDdiebdZ9vfnLcO374ex9+AL1EEua
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d508940c51b5d414ceccf6a6bec509c569fe38e42465ba219352a61eebbb743f

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 112 118 3185
last-modified: Tue, 18 Aug 2020 00:40:01 GMT
server: nginx
age: 183572
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59220

GET
H2 200 rmt7nyf.css
use.typekit.net/ 15 KB
2 KB 183ms
174ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rmt7nyf.css

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

84a3930a654afdf77ee4098d15777c02bd80a1120acd2fde7798d501da3cff7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 28 Aug 2020 09:22:33 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 1448

GET
H2 200 biden_placeholder1.jpg
www.demconvention.com/wp-content/uploads/2020/08/ 24 KB
24 KB 48ms
47ms Image
image/webp 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.demconvention.com/wp-content/uploads/2020/08/biden_placeholder1.jpg?resize=640,780
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: afa1250c29715cb0e632bcac7d3f8844026d6cb1f028b1037f8a54c60ffbc103

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
x-rq: fra2 109 28 443
last-modified: Mon, 10 Aug 2020 23:07:26 GMT
server: nginx
etag: "83dc7865c8598522"
vary: Accept
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24174
expires: Tue, 10 Aug 2021 23:07:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
30 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX528GP

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2ea47eb9f3e4a9e1b00fed7bb000e7f3934d6c4cab4b33b9a6b4827f0e903fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30591
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Aug 2020 09:22:33 GMT

GET
H2 200 /
www.demconvention.com/_static/ 131 KB
49 KB 46ms
46ms Stylesheet
text/css 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/_static/??-eJyVjkEKwzAMBD9URRjalBxK3yIcJ1GxZRHJhPy+PvQB6XWYHRYPBZaY25wMoxnOZBvHKjYUlqGTG3alA0/iqLmtLIbC8iFY6l4MySz5b8ymmU6oysK9AZnXzf+tLF0DOpLVkq6+gNKyMyjtfu3Qu7zCY3qO43QP4Qs73mI8
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fd25f4efe7a4f39bf3fca301c8f3c4686519945e26751466d489c5835338ca70

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 115 223 3081
last-modified: Tue, 18 Aug 2020 00:48:08 GMT
server: nginx
age: 183572
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49792

GET
H2 200 core.min.js Show response
www.demconvention.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 50ms
48ms Script
application/x-javascript 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-includes/js/jquery/ui/core.min.js?m=1597173079g
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 118 22 3133
last-modified: Tue, 11 Aug 2020 19:11:28 GMT
server: nginx
age: 183572
etag: W/"5f32ed60-f5b"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1814
expires: Sat, 28 Aug 2021 09:22:33 GMT

GET
H2 200 datepicker.min.js Show response
www.demconvention.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 51ms
49ms Script
application/x-javascript 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 79d249bab4461fa4adc1fab32de3371bf64689f83b9d77929279fc7e4af7d929

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 116 149 3121
last-modified: Wed, 29 Apr 2020 18:56:24 GMT
server: nginx
age: 6883790
etag: W/"5ea9cdd8-8e1c"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10955
expires: Sat, 28 Aug 2021 09:22:33 GMT

GET
H2 200 / Show response
www.demconvention.com/_static/ 585 KB
177 KB 53ms
51ms Script
application/x-javascript 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/_static/??-eJyl0N0KwjAMBeAXsgsDnexCfJb+ZK6zTUvS6utbBAWHCOp1zsc5BK5ZebKhOhRYBCo5ZLGJsYueukU2sEoYbc8m0cvdJipIBXKoJ08C5GnRakocBbQIlrtsACZuUYXklMMsf/g1LTPGNjBXzgEfyFQfHFxaPLG8G/xBmfaKgEoH5PIljVoK8m99M2r3tMd46HfjfhjGbd8vN9i8n5E=
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e1f7b5b727a8c4152f4369dcfffbfc4fd52a4cd56194c7b84f1f2fd6ba454ab2

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 119 73 3273
last-modified: Tue, 18 Aug 2020 00:48:04 GMT
server: nginx
age: 183572
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 180462

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 151ms
51ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=1598604840

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Fri, 28 Aug 2020 09:22:33 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H/1.1 200
OK atc.min.js Show response
addevent.com/libs/atc/1.6.1/ 31 KB
8 KB 270ms
68ms Script
text/javascript 108.128.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://addevent.com/libs/atc/1.6.1/atc.min.js?ver=1598604840

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.194.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-194-224.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9

Security Headers

Name	Value
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 28 Aug 2020 09:22:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 7798
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 13 Aug 2020 17:32:56 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public, must-revalidate
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
X-Content-Security-Policy: allow 'self';

GET
H2 200 / Show response
www.demconvention.com/_static/ 24 KB
6 KB 64ms
63ms Script
application/x-javascript 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/_static/??-eJyFzEEKgCAQQNELZYNQhovoLFIaIzqKM9L1qwvU+vMfXFXthcSTQE39RGIgpOhUKC3z2w4ULOQSg2P2whAZMhKE9nzK0zFGHuDHyT0JquqafChbXvVsF2PspHW8Af4MORU=
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3fd29baee334a13d54d6708216f04ba62b3a0a08b0bfac73c5acf7f2be21123

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
x-rq: fra2 117 248 3216
last-modified: Tue, 18 Aug 2020 00:37:12 GMT
server: nginx
age: 183572
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6138

GET
H2 200 e-202035.js Show response
stats.wp.com/ 9 KB
3 KB 154ms
53ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202035.js
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 15 Aug 2021 00:39:54 GMT

GET
H2 200 j578HetKqtQ
www.youtube.com/embed/ Frame 9C37 0
0 120ms
108ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/j578HetKqtQ?feature=oembed

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/j578HetKqtQ?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.demconvention.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.demconvention.com/

Response headers

status: 200
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 10648
date: Fri, 28 Aug 2020 09:22:33 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=A3WMEwuCliM; path=/; domain=.youtube.com; secure; expires=Wed, 24-Feb-2021 09:22:33 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=A3WMEwuCliM; path=/; domain=.youtube.com; secure; expires=Wed, 24-Feb-2021 09:22:33 GMT; httponly; samesite=None YSC=ZEZCUDb_xWs; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 28-Aug-2020 09:52:33 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX528GP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 413
date: Fri, 28 Aug 2020 09:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 28 Aug 2020 11:15:40 GMT

GET
H2 200 D20_StreamingThumbnail_Youtube_main_4.png
www.demconvention.com/wp-content/uploads/2020/08/ 105 KB
106 KB 49ms
49ms Image
image/webp 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.demconvention.com/wp-content/uploads/2020/08/D20_StreamingThumbnail_Youtube_main_4.png?resize=780,520
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c10d1b574052379de620984927b4481c920dd2d8c7737b5823e894cb7cbff010

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
x-rq: fra2 109 139 443
last-modified: Thu, 20 Aug 2020 11:17:50 GMT
server: nginx
etag: "7e9137c5eaf0b162"
vary: Accept
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 107874
expires: Fri, 20 Aug 2021 11:17:50 GMT

GET
H2 200 fontawesome-webfont.woff2
www.demconvention.com/wp-content/themes/purple/assets/fonts/ 70 KB
70 KB 52ms
52ms Font
application/font-woff2 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-content/themes/purple/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/_static/??-eJx1jkFqw0AMRS9URRjahCxKzzJRZFutZixGGkJ6+o5Nsgi4O/H5X+/hzYCWElwCTdskxZGax5IhbhLBFUbmK5L3PEbwuCv7IUs59OgNd+YuwVbZHXLTEJUytaRA2TE4m6ZgR01rOjF4p9DMtUc8JbqDigfMS5Xf/jcpbsT/YZwqzTCKrqpWF7R2USFM7hy+eb90dtVj5tylrFVTfk4vTfT6wO+NcoOnxTeHJfrZaI97rX/lz+HjfDoez+/D8Afv6YkN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://www.demconvention.com
Referer: https://www.demconvention.com/_static/??-eJx1jkFqw0AMRS9URRjahCxKzzJRZFutZixGGkJ6+o5Nsgi4O/H5X+/hzYCWElwCTdskxZGax5IhbhLBFUbmK5L3PEbwuCv7IUs59OgNd+YuwVbZHXLTEJUytaRA2TE4m6ZgR01rOjF4p9DMtUc8JbqDigfMS5Xf/jcpbsT/YZwqzTCKrqpWF7R2USFM7hy+eb90dtVj5tylrFVTfk4vTfT6wO+NcoOnxTeHJfrZaI97rX/lz+HjfDoez+/D8Afv6YkN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
x-rq: fra2 119 78 3128
last-modified: Mon, 17 Aug 2020 13:03:31 GMT
server: nginx
age: 1016
etag: "5f3a8023-118d8"
x-cache: hit
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71896
expires: Sat, 28 Aug 2021 09:22:33 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/r/ 35 B
79 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1247623766&t=pageview&_s=1&dl=https%3A%2F%2Fwww.demconvention.com%2F&ul=en-us&de=UTF-8&dt=2020%20Democratic%20National%20Convention&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=2104586552&gjid=455946328&cid=1253146622.1598606553&tid=UA-158183866-2&_gid=733509741.1598606553&_r=1&gtm=2wg8j2NX528GP&z=1445047416

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Aug 2020 09:22:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1247623766&t=pageview&_s=1&dl=https%3A%2F%2Fwww.demconvention.com%2F&ul=en-us&de=UTF-8&dt=2020%20Democratic%20National%20Convention&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=&gjid=&cid=1253146622.1598606553&tid=UA-158183866-2&_gid=733509741.1598606553&gtm=2wg8j2NX528GP&z=1218089074

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 14:01:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1452088
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 29ms
9ms Stylesheet
text/css 2a02:26f0:10c:396::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rmt7nyf&ht=tk&f=39488.39489.39490.39491.39492.39493.39494.39495.39496.39497.39498.39499.39500.39501.39502.39503.39504.39505.39506.39507.39508.39509&a=354400&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:396::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
last-modified: Wed, 24 Jun 2020 21:03:30 GMT
server: nginx
etag: "5ef3bfa2-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ 25 KB
25 KB 17ms
9ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "79b73a8b60023503d1f34e07b81f37976902b3f9"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 25780

GET
H2 200 l
use.typekit.net/af/1285d2/00000000000000003b9b2050/27/ 26 KB
26 KB 61ms
53ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1285d2/00000000000000003b9b2050/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: d2890a7571c76cb78d37cfab9683ff6ce30fbc24fc12081c6b1b8fe7aa3624f2

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "e68101615fe9bc1349a450cd234730437a1cabb7"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26280

GET
H2 200 l
use.typekit.net/af/abbb5b/00000000000000003b9b2054/27/ 27 KB
27 KB 98ms
91ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/abbb5b/00000000000000003b9b2054/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 99d9ff2aef8cda6a27e1246b4267347520f2b115b72bd0bf61b547f718effdf6

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "30eac03d4fed943e8e8321fd67359d6ebd846789"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27776

GET
H2 200 l
use.typekit.net/af/28f000/00000000000000003b9b2048/27/ 23 KB
23 KB 48ms
48ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28f000/00000000000000003b9b2048/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 21401cceea1bdefe201130dd7544e61fe474be3769631cc0d51c1d0a0dca0c44

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "5d5df1b25290dc82b22a668f0395604299f16750"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23180

GET
H2 200 l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ 24 KB
24 KB 5ms
5ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24444

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 20ms
5ms Script
text/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3882
date: Fri, 28 Aug 2020 08:17:51 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 28 Aug 2020 10:17:51 GMT

GET
H2 200 1893c26e-6536-4d53-bbdc-8e184d5b4746.js Show response
cdn.curator.io/published/ 2 KB
1 KB 414ms
132ms Script
application/javascript 54.160.143.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.curator.io/published/1893c26e-6536-4d53-bbdc-8e184d5b4746.js
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.143.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-143-236.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 536b3acd2449d15d4dcc8618910443498b63464d7c3f8dcfe7a2d44093d57663

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 19:29:35 GMT
server: nginx
status: 200
etag: W/"5efa411f-99e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 fontawesome-webfont.woff2
www.demconvention.com/wp-content/plugins/ninja-forms/assets/fonts/ 65 KB
65 KB 201ms
200ms Font
application/font-woff2 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/_static/??-eJyVjkEKwzAMBD9URRjalBxK3yIcJ1GxZRHJhPy+PvQB6XWYHRYPBZaY25wMoxnOZBvHKjYUlqGTG3alA0/iqLmtLIbC8iFY6l4MySz5b8ymmU6oysK9AZnXzf+tLF0DOpLVkq6+gNKyMyjtfu3Qu7zCY3qO43QP4Qs73mI8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://www.demconvention.com
Referer: https://www.demconvention.com/_static/??-eJyVjkEKwzAMBD9URRjalBxK3yIcJ1GxZRHJhPy+PvQB6XWYHRYPBZaY25wMoxnOZBvHKjYUlqGTG3alA0/iqLmtLIbC8iFY6l4MySz5b8ymmU6oysK9AZnXzf+tLF0DOpLVkq6+gNKyMyjtfu3Qu7zCY3qO43QP4Qs73mI8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
age: 0
x-cache: miss
status: 200
content-length: 66624
x-rq: fra2 113 150 3260
last-modified: Tue, 18 Aug 2020 00:38:34 GMT
server: nginx
etag: "5f3b230a-10440"
vary: X-Mobile-Class, X-Query-Args, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Aug 2021 09:22:33 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 191ms
62ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1598604840
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 61EC92F13BB22DD4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21189
accept-ranges: bytes
content-length: 948
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 65ms
62ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.8.2&blog=174012960&post=41&tz=-5&srv=www.demconvention.com&host=www.demconvention.com&ref=&fcp=604&rand=0.7209926452502577
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 28 Aug 2020 09:22:33 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-51c770552f90ce31/ 166 B
325 B 141ms
139ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-51c770552f90ce31/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1598604840
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=11, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 148ms
146ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f48ccd9a2d42963&bkl=0&bl=1&pdt=191&sid=5f48ccd9a2d42963&pub=ra-51c770552f90ce31&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.demconvention.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1598606553715&jsl=33&uvs=5f48ccd940c30a70000&skipb=1&callback=addthis.cbs.jsonp__49117230567798910
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1598604840
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a95e91d5e78738a5d50e9b41f5bd26430b86e1de14ca169bee9b979c9f46e0c

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 28 Aug 2020 09:22:33 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3650 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C2EE 0
0 52ms
51ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1598604840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.demconvention.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.demconvention.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Fri, 28 Aug 2020 09:22:33 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 l
use.typekit.net/af/9395af/00000000000000003b9b2046/27/ 24 KB
24 KB 38ms
37ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9395af/00000000000000003b9b2046/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: ee9cd51774e3ce4eccd91266a76587108f800f7c5ed047c573db7fe35783a264

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
server: nginx
etag: "19de6d6ee3080011144f46822cf6f3ef40f2c6a8"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24788

GET
H2 200 css
fonts.googleapis.com/ 7 KB
873 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e757953a1fdf109e10ae7a38bf78632a0010e7ce1f2805e159f44d847de719fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 08:55:59 GMT
server: ESF
date: Fri, 28 Aug 2020 09:22:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Aug 2020 09:22:33 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1867947003&utmhn=www.demconvention.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76676252-1&cid=1253146622.1598606553&jid=684111580&_v=5.7.2&z=1867947003

35 B
442 B

44ms
15ms

Image
image/gif

2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76676252-1&cid=1253146622.1598606553&jid=684111580&_v=5.7.2&z=1867947003

Requested by

Host: www.demconvention.com
URL: https://www.demconvention.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 Aug 2020 09:22:33 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Aug 2020 09:22:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76676252-1&cid=1253146622.1598606553&jid=684111580&_v=5.7.2&z=1867947003
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 DNCC_P4_Topper-Video.mp4
www.demconvention.com/wp-content/uploads/2020/08/ 80 KB
0 49ms
46ms Media
video/mp4 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-content/uploads/2020/08/DNCC_P4_Topper-Video.mp4
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.demconvention.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
x-rq: fra2 109 84 443
last-modified: Mon, 10 Aug 2020 20:29:32 GMT
server: nginx
etag: "4d0a151deec698cf"
x-cache: HIT
content-type: video/mp4
status: 206
cache-control: max-age=2592000
Content-Range: bytes 0-14329189/14329190
Content-Length: 14329190
expires: Tue, 10 Aug 2021 20:38:04 GMT

GET
H2 200 curator.css
cdn.curator.io/4.0/css/ 72 KB
11 KB 136ms
136ms Stylesheet
text/css 54.160.143.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.curator.io/4.0/css/curator.css
Requested by: Host: cdn.curator.io
URL: https://cdn.curator.io/published/1893c26e-6536-4d53-bbdc-8e184d5b4746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.143.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-143-236.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6fbc06d9fa3288d69c54cdb7f7cea47644d89cef612f88a900afddd1597b28c2

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 04:52:59 GMT
server: nginx
status: 200
etag: W/"5edf15ab-1213a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 206 DNCC_P4_Topper-Video.mp4
www.demconvention.com/wp-content/uploads/2020/08/ 41 KB
41 KB 58ms
58ms Media
video/mp4 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-content/uploads/2020/08/DNCC_P4_Topper-Video.mp4
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b0a2f758bb7bfb18c9940b81292b12a92d34101b46e37226ec561c4e0c8d75c9

Request headers

Referer: https://www.demconvention.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=14286848-

Response headers

date: Fri, 28 Aug 2020 09:22:33 GMT
x-rq: fra2 109 84 443
last-modified: Mon, 10 Aug 2020 20:29:32 GMT
server: nginx
etag: "4d0a151deec698cf"
x-cache: HIT
content-type: video/mp4
status: 206
cache-control: max-age=2592000
Content-Range: bytes 14286848-14329189/14329190
Content-Length: 42342
expires: Tue, 10 Aug 2021 20:38:04 GMT

GET
H2 206 DNCC_P4_Topper-Video.mp4
www.demconvention.com/wp-content/uploads/2020/08/ 9 MB
0 46ms
46ms Media
video/mp4 192.0.66.208
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demconvention.com/wp-content/uploads/2020/08/DNCC_P4_Topper-Video.mp4
Requested by: Host: www.demconvention.com
URL: https://www.demconvention.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.208 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.demconvention.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=65536-

Response headers

date: Fri, 28 Aug 2020 09:22:34 GMT
x-rq: fra2 109 84 443
last-modified: Mon, 10 Aug 2020 20:29:32 GMT
server: nginx
etag: "4d0a151deec698cf"
x-cache: HIT
content-type: video/mp4
status: 206
cache-control: max-age=2592000
Content-Range: bytes 65536-14329189/14329190
Content-Length: 14263654
expires: Tue, 10 Aug 2021 20:38:04 GMT

GET
H2 200 1893c26e-6536-4d53-bbdc-8e184d5b4746.css
cdn.curator.io/published-css/ 109 B
304 B 133ms
133ms Stylesheet
text/css 54.160.143.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.curator.io/published-css/1893c26e-6536-4d53-bbdc-8e184d5b4746.css
Requested by: Host: cdn.curator.io
URL: https://cdn.curator.io/published/1893c26e-6536-4d53-bbdc-8e184d5b4746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.143.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-143-236.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8a78cd73edac9a080607a038966f503144e98ba7b61b439ef91890cab0d9da08

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:34 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 19:29:36 GMT
server: nginx
status: 200
etag: W/"5efa4120-6d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 200 curator.embed.min.js Show response
cdn.curator.io/4.0/js/ 273 KB
62 KB 370ms
369ms Script
application/javascript 54.160.143.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.curator.io/4.0/js/curator.embed.min.js
Requested by: Host: cdn.curator.io
URL: https://cdn.curator.io/published/1893c26e-6536-4d53-bbdc-8e184d5b4746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.143.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-143-236.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 83e274f23f2716e6b4fa11cfc4be2809def8e7a98f960da4620c152b36058989

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:34 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 04:53:03 GMT
server: nginx
status: 200
etag: W/"5edf15af-4426d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 posts Show response
api.curator.io/restricted/feeds/1893c26e-6536-4d53-bbdc-8e184d5b4746/ 15 KB
3 KB 418ms
156ms XHR
application/json 3.221.126.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.curator.io/restricted/feeds/1893c26e-6536-4d53-bbdc-8e184d5b4746/posts?limit=9&hasPoweredBy=false&version=4.0
Requested by: Host: cdn.curator.io
URL: https://cdn.curator.io/4.0/js/curator.embed.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.126.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-126-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 728cfe0cf155d91714f22f706989aadaf82509c0868710ac25defd8f4a896f68

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private

GET
H2 200 crt-icon.woff2
cdn.curator.io/4.0/fonts/ 8 KB
9 KB 406ms
139ms Font
font/woff2 54.160.143.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.curator.io/4.0/fonts/crt-icon.woff2?32623403
Requested by: Host: cdn.curator.io
URL: https://cdn.curator.io/4.0/css/curator.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.143.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-143-236.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4c645066ca3a11ca4bfa58b72a71fd93fa3fa222d40e5c4759e6e771b6f2b784

Request headers

Origin: https://www.demconvention.com
Referer: https://cdn.curator.io/4.0/css/curator.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
last-modified: Fri, 08 May 2020 22:30:01 GMT
server: nginx
etag: "5eb5dd69-21a0"
status: 200
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8608

GET
H2 200 l
use.typekit.net/af/032bac/00000000000000003b9b2051/27/ 27 KB
27 KB 39ms
38ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/032bac/00000000000000003b9b2051/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rmt7nyf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: db372087e68fb0ee411bd24b71538a22ca5169431f7c2887e4ef851527c8d3de

Request headers

Origin: https://www.demconvention.com
Referer: https://use.typekit.net/rmt7nyf.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
server: nginx
etag: "9ecf4e8a8300341e5a370de479d1f3a64fcff2de"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27780

GET
H2 200 Dz0jfTcdzTHgc0_E.jpg:medium
pbs.twimg.com/amplify_video_thumb/1296518120706891776/img/ 114 KB
114 KB 33ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/amplify_video_thumb/1296518120706891776/img/Dz0jfTcdzTHgc0_E.jpg:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

65725ea0389b3218ae684c794bd6577f67e83b33423ffa39014536c124a7e4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 22809
x-cache: HIT
status: 200
content-length: 116889
x-response-time: 120
surrogate-key: amplify_video_thumb amplify_video_thumb/bucket/8 amplify_video_thumb/1296518120706891776
last-modified: Thu, 20 Aug 2020 18:41:02 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61f82ad33ddeec2b1856ef652809c2f5
accept-ranges: bytes

GET
H2 200 hHLf-P8l_normal.jpg
pbs.twimg.com/profile_images/1276548577058344960/ 2 KB
2 KB 32ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1276548577058344960/hHLf-P8l_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

7f7cedc6ca9eb8bbebe7e6889a3f119d3130ab9fff511de481991d00e3da9836

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 580174
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/7 profile_images/1276548577058344960
last-modified: Fri, 26 Jun 2020 16:09:12 GMT
server: ECS (fcn/41A0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8aabf939c6943b0c3412db2f9fc58c15
accept-ranges: bytes

GET
H2 200 Ef4TqvHWoAUBTfK.jpg:medium
pbs.twimg.com/media/ 61 KB
61 KB 47ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ef4TqvHWoAUBTfK.jpg:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418A) /

Resource Hash

27308631a7c402f6d193e891ae0459384802c85747033ad720701f8d69924cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 25267
x-cache: HIT
status: 200
content-length: 62461
x-response-time: 119
surrogate-key: media media/bucket/5 media/1296495367652024325
last-modified: Thu, 20 Aug 2020 17:10:38 GMT
server: ECS (fcn/418A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 84f666db66d30d11223eff2ad9541ca2
accept-ranges: bytes

GET
H2 200 Ef6FlgvXYAEgvPO.jpg:medium
pbs.twimg.com/media/ 66 KB
66 KB 47ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ef6FlgvXYAEgvPO.jpg:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

7aada3ce1996868aa38b19ba1589077a21a6ea1d199eaf2e799b9c4c43a8dfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 25612
x-cache: HIT
status: 200
content-length: 67759
x-response-time: 118
surrogate-key: media media/bucket/9 media/1296620622219534337
last-modified: Fri, 21 Aug 2020 01:28:21 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8373ebf3b8205816e9c8efd509b33ea
accept-ranges: bytes

GET
H2 200 Ef4wPX6XsAAeV4F.jpg:medium
pbs.twimg.com/media/ 85 KB
85 KB 47ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ef4wPX6XsAAeV4F.jpg:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

2e9edbd71ae7588b4b478bc108ea2ff89b94661431b9bd9b65efb37dfbdd3649

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 50465
x-cache: HIT
status: 200
content-length: 86542
x-response-time: 114
surrogate-key: media media/bucket/0 media/1296526783404290048
last-modified: Thu, 20 Aug 2020 19:15:28 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3daed84116b504c62159130ae8f5a355
accept-ranges: bytes

GET
H/1.1 200
OK 126225092.png
curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/ 253 KB
254 KB 556ms
151ms Image
image/png 52.216.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/126225092.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8de3af5c308ccf8258354397a6d9ee21dd21d0cf67abc558fc8fa740b4def51

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 28 Aug 2020 09:22:36 GMT
Last-Modified: Thu, 20 Aug 2020 23:06:26 GMT
Server: AmazonS3
x-amz-request-id: E7F969733E641871
ETag: "68b7d31487ed839e11d58642f1ffb5bf"
Content-Type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
Accept-Ranges: bytes
Content-Length: 259581
x-amz-id-2: wW/m0XVpNg3qTmiZnGwhmBVb26DDcp9+79qNd7pWJkAnVge0v2UZQUQ8ikRi8Q45qf8rZM0e2i4=

GET
H/1.1 200
OK 126225092_user_image.png
curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/ 4 KB
5 KB 565ms
158ms Image
image/png 52.216.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/126225092_user_image.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7841a01475c82365dd28e0263655f0fa44b270d581b31e4fba29972409be4f77

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 28 Aug 2020 09:22:36 GMT
Last-Modified: Thu, 27 Aug 2020 23:15:08 GMT
Server: AmazonS3
x-amz-request-id: 8D37B2E005463FA4
ETag: "f33fbe57845afa6e8ffe7874c2b44470"
Content-Type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
Accept-Ranges: bytes
Content-Length: 4547
x-amz-id-2: lg7l/5++CkUztDCVH+8QZaFvAkyBSovDBV4USmDr8Mquw7oex0a98/OqqPShI3QBiaSVY5I+sv8=

GET
H2 200 Ef4l68JXYAAL7Kw.jpg:medium
pbs.twimg.com/tweet_video_thumb/ 44 KB
45 KB 47ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/Ef4l68JXYAAL7Kw.jpg:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

1f16c897ef650c8116787863739e1d02e6d369c444483798b5a98c568679a292

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 49620
x-cache: HIT
status: 200
content-length: 45520
x-response-time: 123
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/4 tweet_video_thumb/1296515437237329920
last-modified: Thu, 20 Aug 2020 18:30:22 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a2f7ad385d7e4cb6ee1ba52d660a8ea8
accept-ranges: bytes

GET
H2 200 O1qGUS01_normal.jpg
pbs.twimg.com/profile_images/1231978498023215104/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1231978498023215104/O1qGUS01_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

1f05a6aa188eba38746dadaf8e5cc9a5a7cb146a0461752462a0ac0cddb2f424

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 252045
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/6 profile_images/1231978498023215104
last-modified: Mon, 24 Feb 2020 16:23:37 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 90d0bfdade9dd7fdd8335a76d744fe41
accept-ranges: bytes

GET
H2

200

118054820_692608728136029_9097510449946012554_n.jpg
scontent-hel2-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/CEHwXAdgTct/media/?size=l
https://scontent-hel2-1.cdninstagram.com/v/t51.2885-15/e35/118054820_692608728136029_9097510449946012554_n.jpg?_nc_ht=scontent-hel2-1.cdninstagram.com&_nc_cat=109&_nc_ohc=JZXVyzVEKvQAX8rIhmU&oh=cd2...

96 KB
96 KB

99ms
33ms

Image
image/jpeg

2a03:2880:f246:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-hel2-1.cdninstagram.com/v/t51.2885-15/e35/118054820_692608728136029_9097510449946012554_n.jpg?_nc_ht=scontent-hel2-1.cdninstagram.com&_nc_cat=109&_nc_ohc=JZXVyzVEKvQAX8rIhmU&oh=cd228a58489292a9eb9236ec675ee3cd&oe=5F713D33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f246:ca:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7d6d4b1d5980d29b3cff7971e1e33680474107d3583dc7737536ea4a2b5c691c

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 1491771822
date: Fri, 28 Aug 2020 09:22:35 GMT
x-fb-trip-id: 382461245
last-modified: Thu, 20 Aug 2020 18:27:49 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 958654090
x-fb-config-version-olb-prod: 894
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 97923

Redirect headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
x-aed: 16
status: 302
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
x-ig-push-state: c2
strict-transport-security: max-age=31536000
content-language: en
location: https://scontent-hel2-1.cdninstagram.com/v/t51.2885-15/e35/118054820_692608728136029_9097510449946012554_n.jpg?_nc_ht=scontent-hel2-1.cdninstagram.com&_nc_cat=109&_nc_ohc=JZXVyzVEKvQAX8rIhmU&oh=cd228a58489292a9eb9236ec675ee3cd&oe=5F713D33
vary: Accept-Language, Cookie
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
access-control-expose-headers: X-IG-Set-WWW-Claim

GET
H/1.1 200
OK 126224988_user_image.jpg
curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/ 22 KB
23 KB 565ms
156ms Image
image/jpeg 52.216.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://curatorio.s3.amazonaws.com/1893c26e-6536-4d53-bbdc-8e184d5b4746/126224988_user_image.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 34a1a51e5dbc558bf160fe3ed6d3fcf5d2ddf0625e98063992e13689f595599a

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 28 Aug 2020 09:22:36 GMT
Last-Modified: Thu, 27 Aug 2020 23:59:08 GMT
Server: AmazonS3
x-amz-request-id: CWDV6G7M1W7K0Z5R
ETag: "aeeab299f1453616fe1836abb3b83bcd"
Content-Type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
Accept-Ranges: bytes
Content-Length: 22838
x-amz-id-2: s/uku51N5KttiSVxfZiKCuFF5Fj5q2LIbGh77jqXJjUjh6R9acdoyEpX08nh0hSzqaW2Sq5Jx9s=

GET
H2 200 Ef4L8_5WsAUZmVf.png:medium
pbs.twimg.com/media/ 47 KB
47 KB 15ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ef4L8_5WsAUZmVf.png:medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

bc5e800396cae661af01d2c39b8029ee42731ab4b36cc5ea56282bc31fb5a41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.demconvention.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 09:22:35 GMT
x-content-type-options: nosniff
age: 52958
x-cache: HIT
status: 200
content-length: 47857
x-response-time: 121
surrogate-key: media media/bucket/4 media/1296486885301334021
last-modified: Thu, 20 Aug 2020 16:36:55 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24a9d64001899919c8852614ea63492d
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 21:33:40	Name: loc Value: MDAwMDBFVVBMMTIyMzAxMTk5OTAwMDAwMDBDSA==
.addthis.com/	1970-01-19 21:33:40	Name: uvc Value: 1%7C35
.youtube.com/	1970-01-19 16:22:38	Name: VISITOR_INFO1_LIVE Value: A3WMEwuCliM
.demconvention.com/	1970-01-19 12:03:27	Name: __utmt Value: 1
.demconvention.com/	1970-01-19 14:13:02	Name: _gcl_au Value: 1.1.526038149.1598606553
.demconvention.com/	1970-01-19 16:26:14	Name: __utmz Value: 119275804.1598606554.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.demconvention.com/	1970-01-19 12:03:28	Name: __atuvs Value: 5f48ccd940c30a70000
www.demconvention.com/	1970-01-19 21:33:40	Name: __atuvc Value: 1%7C35
.demconvention.com/	1970-01-20 05:34:38	Name: _ga Value: GA1.2.1253146622.1598606553
.demconvention.com/	1970-01-19 12:03:26	Name: _gat_UA-158183866-2 Value: 1
.demconvention.com/	1969-12-31 23:59:59	Name: __utmc Value: 119275804
.demconvention.com/	1970-01-19 12:04:52	Name: _gid Value: GA1.2.733509741.1598606553
.demconvention.com/	1970-01-19 12:03:28	Name: __utmb Value: 119275804.1.10.1598606554
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZEZCUDb_xWs
.demconvention.com/	1970-01-20 05:34:38	Name: __utma Value: 119275804.1253146622.1598606553.1598606554.1598606554.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addevent.com
api.curator.io
cdn.curator.io
curatorio.s3.amazonaws.com
fonts.googleapis.com
m.addthis.com
p.typekit.net
pbs.twimg.com
pixel.wp.com
s7.addthis.com
scontent-hel2-1.cdninstagram.com
ssl.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
use.typekit.net
v1.addthisedge.com
www.demconvention.com
www.google-analytics.com
www.googletagmanager.com
www.instagram.com
www.youtube.com
z.moatads.com
s7.addthis.com
108.128.194.224
192.0.66.208
192.0.76.3
23.210.248.44
2606:2800:134:fa2:1627:1fe:edb:1665
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:808::200e
2a00:1450:4001:817::200a
2a00:1450:4001:820::2008
2a00:1450:400c:c06::9b
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:10c:396::19fd
2a03:2880:f21c:81e5:face:b00c:0:4420
2a03:2880:f246:ca:face:b00c:0:43fe
3.221.126.143
52.216.27.84
54.160.143.236
92.122.255.233
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a95e91d5e78738a5d50e9b41f5bd26430b86e1de14ca169bee9b979c9f46e0c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f05a6aa188eba38746dadaf8e5cc9a5a7cb146a0461752462a0ac0cddb2f424
1f16c897ef650c8116787863739e1d02e6d369c444483798b5a98c568679a292
1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90
21401cceea1bdefe201130dd7544e61fe474be3769631cc0d51c1d0a0dca0c44
27308631a7c402f6d193e891ae0459384802c85747033ad720701f8d69924cf3
2e9edbd71ae7588b4b478bc108ea2ff89b94661431b9bd9b65efb37dfbdd3649
34a1a51e5dbc558bf160fe3ed6d3fcf5d2ddf0625e98063992e13689f595599a
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251
4c645066ca3a11ca4bfa58b72a71fd93fa3fa222d40e5c4759e6e771b6f2b784
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
536b3acd2449d15d4dcc8618910443498b63464d7c3f8dcfe7a2d44093d57663
65725ea0389b3218ae684c794bd6577f67e83b33423ffa39014536c124a7e4c0
679f73616e33ef75ef1925e195a946cbfdff297f16137badf56b44b58f721021
6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9
6fbc06d9fa3288d69c54cdb7f7cea47644d89cef612f88a900afddd1597b28c2
728cfe0cf155d91714f22f706989aadaf82509c0868710ac25defd8f4a896f68
7841a01475c82365dd28e0263655f0fa44b270d581b31e4fba29972409be4f77
79d249bab4461fa4adc1fab32de3371bf64689f83b9d77929279fc7e4af7d929
7aada3ce1996868aa38b19ba1589077a21a6ea1d199eaf2e799b9c4c43a8dfe5
7d6d4b1d5980d29b3cff7971e1e33680474107d3583dc7737536ea4a2b5c691c
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f7cedc6ca9eb8bbebe7e6889a3f119d3130ab9fff511de481991d00e3da9836
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e274f23f2716e6b4fa11cfc4be2809def8e7a98f960da4620c152b36058989
84a3930a654afdf77ee4098d15777c02bd80a1120acd2fde7798d501da3cff7f
8a78cd73edac9a080607a038966f503144e98ba7b61b439ef91890cab0d9da08
99d9ff2aef8cda6a27e1246b4267347520f2b115b72bd0bf61b547f718effdf6
afa1250c29715cb0e632bcac7d3f8844026d6cb1f028b1037f8a54c60ffbc103
b0a2f758bb7bfb18c9940b81292b12a92d34101b46e37226ec561c4e0c8d75c9
bc5e800396cae661af01d2c39b8029ee42731ab4b36cc5ea56282bc31fb5a41f
c10d1b574052379de620984927b4481c920dd2d8c7737b5823e894cb7cbff010
ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9
d2890a7571c76cb78d37cfab9683ff6ce30fbc24fc12081c6b1b8fe7aa3624f2
d508940c51b5d414ceccf6a6bec509c569fe38e42465ba219352a61eebbb743f
db372087e68fb0ee411bd24b71538a22ca5169431f7c2887e4ef851527c8d3de
e014be4ee9aa1f782221f8ba4a2b816b958ddb2bd6a3a02d820b5967d3f19797
e1f7b5b727a8c4152f4369dcfffbfc4fd52a4cd56194c7b84f1f2fd6ba454ab2
e2ea47eb9f3e4a9e1b00fed7bb000e7f3934d6c4cab4b33b9a6b4827f0e903fb
e3fd29baee334a13d54d6708216f04ba62b3a0a08b0bfac73c5acf7f2be21123
e757953a1fdf109e10ae7a38bf78632a0010e7ce1f2805e159f44d847de719fb
e8de3af5c308ccf8258354397a6d9ee21dd21d0cf67abc558fc8fa740b4def51
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ee9cd51774e3ce4eccd91266a76587108f800f7c5ed047c573db7fe35783a264
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fd25f4efe7a4f39bf3fca301c8f3c4686519945e26751466d489c5835338ca70
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.demconvention.com Open in urlscan Pro 192.0.66.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

58 %IPv6

17 Domains

22 Subdomains

19 IPs

6 Countries

1989 kBTransfer

12798 kBSize

15 Cookies

43 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.demconvention.com Open in urlscan Pro
192.0.66.208 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

58 %
IPv6

17
Domains

22
Subdomains

19
IPs

6
Countries

1989 kB
Transfer

12798 kB
Size

15
Cookies

59 HTTP transactions
0 data transactions