ohiodems.org Open in urlscan Pro
2606:4700:10::6816:2c4c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ohiodems.org/
Submission: On March 11 via api (March 11th 2024, 11:06:33 pm UTC) from DE — Scanned from DE

Summary HTTP 79 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2606:4700:10::6816:2c4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:10:... 2606:4700:10::6816:2c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:280... 2a02:26f0:280:6::213:7ad8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	2600:9000:249... 2600:9000:2490:3200:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:280... 2a02:26f0:280:6::213:7ac6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	44.210.169.185 44.210.169.185	14618 (AMAZON-AES) (AMAZON-AES)
6	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	18.172.112.95 18.172.112.95	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:95e1:dfa8:1dff:1d	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
79	20

35 2606:4700:10::6816:2c4c (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:280:6::213:7ad8 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2490:3200:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:280:6::213:7ac6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.169.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-169-185.compute-1.amazonaws.com

t.spbx.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-95.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:95e1:dfa8:1dff:1d (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ohiodems.org ohiodems.org	2 MB
7	userway.org cdn.userway.org — Cisco Umbrella Rank: 3126 api.userway.org — Cisco Umbrella Rank: 3117	62 KB
7	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 85029	379 KB
4	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 55853 secure.ngpvan.com — Cisco Umbrella Rank: 152884 fastaction.ngpvan.com Failed	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	253 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 457 p.typekit.net — Cisco Umbrella Rank: 552	16 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 368	32 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	306 B
2	spbx.app t.spbx.app	743 B
1	google.de www.google.de — Cisco Umbrella Rank: 6744	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	242 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656	54 B
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 22942	44 KB
1	gstatic.com fonts.gstatic.com	34 KB
79	16

	Domain	Requested by
35	ohiodems.org	ohiodems.org
7	static.everyaction.com	ohiodems.org static.everyaction.com
6	cdn.userway.org	ohiodems.org cdn.userway.org
3	secure.ngpvan.com	static.everyaction.com ohiodems.org
3	connect.facebook.net	ohiodems.org connect.facebook.net
3	www.googletagmanager.com	ohiodems.org www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	ohiodems.org
2	t.spbx.app	www.googletagmanager.com ohiodems.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	use.typekit.net	ohiodems.org use.typekit.net
2	fonts.googleapis.com	ohiodems.org
1	api.userway.org	cdn.userway.org
1	www.google.de	ohiodems.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.verygoodvault.com	static.everyaction.com
1	profile.ngpvan.com	static.everyaction.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	ajax.googleapis.com	ohiodems.org
0	fastaction.ngpvan.com Failed	static.everyaction.com
79	22

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
792c17.myshopify.com
www.facebook.com
twitter.com
www.instagram.com
fastaction.ngpvan.com
www.mobilize.us
www.voteohio.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
static.everyaction.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-20` - `2024-03-19`	3 months	crt.sh
t.spbx.app Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ohiodems.org/
Frame ID: 2A5B85988ED74338E529E10F297DC7A5
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Democrats - Fighting For Ohio Workers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

84 %
IPv6

16
Domains

22
Subdomains

20
IPs

3
Countries

2852 kB
Transfer

7240 kB
Size

10
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.actblue.com/donate/odpwebsite_22
Title: Donate

Search URL Search Domain Scan URL

URL: https://792c17.myshopify.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems

Search URL Search Domain Scan URL

URL: https://twitter.com/OHDems

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ohdems/

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=5&recurring=true
Title: $5

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=10&recurring=true
Title: 10

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=20.24&recurring=true
Title: $20.24

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=50&recurring=true
Title: $50

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=100&recurring=true
Title: $100

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=250&recurring=true
Title: $250

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=500&recurring=true
Title: $500

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=1000&recurring=true
Title: $1000

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.mobilize.us/ohdems/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/dcccfrontlineohio_24?refcode=website
Title: Act Now!

Search URL Search Domain Scan URL

URL: https://www.voteohio.gov/
Title: Ohio Voter Information Center www.voteohio.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 38 KB
10 KB 1389ms
1151ms Document
text/html 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d530a9cfdecc1885f577fe4987862765a9d6f6a9c0bb99e437823321c3235df4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 862f31df685491d5-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 23:06:25 GMT
link: <https://ohiodems.org/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 108 KB
14 KB 643ms
640ms Stylesheet
text/css 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
server: cloudflare
etag: W/"6c06da-1ae43-60fb5b4423900-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 862f31e69be691d5-FRA

GET
H2 200 styles.css
ohiodems.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 596ms
593ms Stylesheet
text/css 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1405-b4e-60f3d1910a43b-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 862f31e69be991d5-FRA

GET
H2 200 style.css
ohiodems.org/wp-content/themes/altitude-pro/ 68 KB
13 KB 606ms
604ms Stylesheet
text/css 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938b69396c1ec191929ff15badb7b213106417883c72522e656eec491154c631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 26 Jan 2024 19:55:37 GMT
server: cloudflare
etag: W/"6c594a-11168-60fdeae0c4349-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 862f31e69bea91d5-FRA

GET
H2 200 dashicons.min.css
ohiodems.org/wp-includes/css/ 58 KB
35 KB 632ms
629ms Stylesheet
text/css 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dashicons.min.css?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
etag: W/"6c765d-e688-5bca85cdbf580-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 862f31e69bec91d5-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
543 B 126ms
45ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ek+Mukta%3A200%2C800&display=swap&ver=1.5.0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a181707b62a2e32de395e98e92a7dc71e5007be0a540343a006c415ccbdbef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 23:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 23:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 23:06:25 GMT

GET
H2 200 style.css
ohiodems.org/wp-content/plugins/cf7-conditional-fields/ 2 KB
648 B 601ms
599ms Stylesheet
text/css 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:06 GMT
server: cloudflare
etag: W/"6c13e3-651-60f3d18fdb870-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 862f31e69bee91d5-FRA

GET
H2 200 jquery.min.js Show response
ohiodems.org/wp-includes/js/jquery/ 86 KB
30 KB 607ms
605ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 14:35:09 GMT
server: cloudflare
etag: W/"6c7c0e-15601-609a4fe800695-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31e69bef91d5-FRA

GET
H2 200 jquery-migrate.min.js Show response
ohiodems.org/wp-includes/js/jquery/ 13 KB
5 KB 603ms
602ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
etag: W/"6c7c06-3509-5fdabee5f2100-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31e69bf191d5-FRA

GET
H2 200 tug2lqm.css
use.typekit.net/ 2 KB
866 B 329ms
170ms Stylesheet
text/css 2a02:26f0:280:6::213:7ad8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tug2lqm.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:6::213:7ad8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ed2681d2b550fc2c261293fa14245dbba6b883c4b5677aa56e4d616cf9e85b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 11 Mar 2024 23:06:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 643

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 124ms
45ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af409b4de6ea0c9908395ec5191eff44782cb993eb745da5be594df285f309ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 23:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 23:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 23:06:25 GMT

GET
H2 200 nav_fb.png
ohiodems.org/wp-content/uploads/2024/01/ 5 KB
5 KB 596ms
595ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_fb.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98debd222cf3f23b9b38e0a431e1bd41e839eb44855611b8f4d6573ded1ee43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:33:00 GMT
server: cloudflare
etag: "6c03c0-1327-60f3d6e704cc9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31e69bf291d5-FRA
content-length: 4903

GET
H2 200 nav_tw.png
ohiodems.org/wp-content/uploads/2024/01/ 6 KB
6 KB 598ms
597ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_tw.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bddcb23a065db2df2d6c8298e0c41a8eb5a04d28b641ac3100392fe921522782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:33:00 GMT
server: cloudflare
etag: "6c03bd-1966-60f3d6e69ccb5"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31e69bf391d5-FRA
content-length: 6502

GET
H2 200 nav_ig.png
ohiodems.org/wp-content/uploads/2024/01/ 7 KB
7 KB 184ms
180ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_ig.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7906e66d33a65d36b932b9cf49fce90202c3b87c68ccf7f08c48d2770bff258d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:32:59 GMT
server: cloudflare
etag: "6c03bb-1cb9-60f3d6e639ac2"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ea6db191d5-FRA
content-length: 7353

GET
H2 200 hero_logo.png
ohiodems.org/wp-content/uploads/2022/06/ 44 KB
44 KB 594ms
591ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/06/hero_logo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Jun 2022 13:20:02 GMT
server: cloudflare
etag: "6e1778-b01b-5e281e4e5e136"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ea6db291d5-FRA
content-length: 45083

GET
H2 200 webpopup.jpg
ohiodems.org/wp-content/uploads/2023/11/ 164 KB
165 KB 727ms
722ms Image
image/jpeg 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/11/webpopup.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9144aa9dfd0644f2f333905a018bcda112d775b372436d30e183d79cd2610d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 02:50:00 GMT
server: cloudflare
etag: "960464-29163-6099b24b0145e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eade0d91d5-FRA
content-length: 168291

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 12:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 12:53:06 GMT

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 842 KB
236 KB 139ms
38ms Script
application/javascript 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bedb8798259dcc4e32a7cf1c3867680d285be84c4081b4a7fe73b745202b0dc

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 04:21:05 GMT
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 67521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 241400
last-modified: Tue, 05 Mar 2024 15:40:47 GMT
server: AmazonS3
etag: "b0b37f17f9dfdaa4aa2eb6ba17f3968a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: Qs3IW3QB2MkwwMLym2ljrjevVy70sY0EVtlWTfeU7TzkugBva03VPQ==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 140ms
38ms Stylesheet
text/css 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ace7e5a67aeec033127347fe6d0e13b7ec27746fd1af2f8914efabce105451c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 04:04:01 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 68546
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11617
last-modified: Tue, 05 Mar 2024 15:40:47 GMT
server: AmazonS3
etag: "90d4effc4878fc473505b2be5f900a5e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 4CiQYtaVy-acHgk8BqX8xePbgHXhkp0etF-g0axz-5S7aB3Ki1hHSQ==

GET
H2 200 overhanglogo.png
ohiodems.org/wp-content/uploads/2022/04/ 9 KB
9 KB 631ms
629ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/overhanglogo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 19:53:06 GMT
server: cloudflare
etag: "6e0bcd-2463-5dc29f17409f9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eb0e6391d5-FRA
content-length: 9315

GET
H2 200 cutouts.jpg
ohiodems.org/wp-content/uploads/2022/04/ 222 KB
222 KB 758ms
755ms Image
image/jpeg 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/cutouts.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 19:42:43 GMT
server: cloudflare
etag: "6e0bc4-376d6-5dc29cc585f9f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eb0e6491d5-FRA
content-length: 227030

GET
H2 200 foot_fb.png
ohiodems.org/wp-content/uploads/2022/07/ 5 KB
5 KB 625ms
622ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_fb.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2022 20:56:13 GMT
server: cloudflare
etag: "90384a-123b-5e3293316197f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eb0e6591d5-FRA
content-length: 4667

GET
H2 200 foot_tw.png
ohiodems.org/wp-content/uploads/2022/07/ 6 KB
6 KB 623ms
621ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_tw.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Jul 2022 20:56:14 GMT
server: cloudflare
etag: "90384d-1869-5e3293319f1e6"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eb0e6691d5-FRA
content-length: 6249

GET
H2 200 foot_ig.png
ohiodems.org/wp-content/uploads/2022/07/ 7 KB
7 KB 628ms
626ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_ig.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2022 20:56:14 GMT
server: cloudflare
etag: "90384f-1b75-5e329331dab0c"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31eb0e6791d5-FRA
content-length: 7029

GET
H2 200 index.js Show response
ohiodems.org/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 597ms
592ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1433-2b6d-60f3d1910bf93-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade0e91d5-FRA

GET
H2 200 index.js Show response
ohiodems.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 596ms
591ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1411-337e-60f3d1910aff3-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade0f91d5-FRA

GET
H2 200 hoverIntent.min.js Show response
ohiodems.org/wp-includes/js/ 1 KB
813 B 593ms
589ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"6c7ad1-5db-5dc2a2438e980-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1091d5-FRA

GET
H2 200 superfish.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 604ms
599ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a202c-1193-60fdb7275fbef-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1191d5-FRA

GET
H2 200 superfish.args.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/menu/ 132 B
230 B 597ms
593ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a202e-84-60fdb7275fbef-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1291d5-FRA

GET
H2 200 skip-links.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/ 386 B
368 B 596ms
592ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a2014-182-60fdb7275c53f-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1491d5-FRA

GET
H2 200 global.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 507 B
373 B 594ms
590ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/global.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1172-1fb-5db743e7a8a62-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1791d5-FRA

GET
H2 200 responsive-menus.min.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 4 KB
1 KB 594ms
590ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/responsive-menus.min.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1174-e64-5db743e8056cc-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1891d5-FRA

GET
H2 200 home.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 1 KB
659 B 593ms
589ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/home.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1173-444-5db743e7fca2b-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eade1a91d5-FRA

GET
H2 200 scripts.js Show response
ohiodems.org/wp-content/plugins/cf7-conditional-fields/js/ 54 KB
12 KB 631ms
627ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:06 GMT
server: cloudflare
etag: W/"6c13df-d9c4-60f3d18fdb0a0-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31eb0e6291d5-FRA

GET
BLOB 200
OK 5e19c6c6-1eb1-48c2-9321-7d553c578c2f
https://ohiodems.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ohiodems.org/5e19c6c6-1eb1-48c2-9321-7d553c578c2f
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
79 KB 130ms
56ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

975509ca3c482ec0fa51debff6a08e0f493b4d58aa8133b9b69c691e325f4d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80282
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 21:21:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Mar 2024 23:06:26 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 203ms
50ms Stylesheet
text/css 2a02:26f0:280:6::213:7ac6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tug2lqm&ht=tk&f=1757.1758&a=87808323&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ac6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 ODP_sherrod.mp4
ohiodems.org/wp-content/uploads/homevideo/ 2 MB
0 770ms
769ms Media
video/mp4 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/homevideo/ODP_sherrod.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Jan 2023 19:21:04 GMT
server: cloudflare
etag: W/"6c25af-3c32f1-5f31b888dccd5-br"
vary: Accept-Encoding
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 862f31eb0e6891d5-FRA

GET
H2 200 navlogo.png
ohiodems.org/wp-content/uploads/2022/04/ 3 KB
4 KB 592ms
592ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/navlogo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 19:17:59 GMT
server: cloudflare
etag: "6e0123-def-5dc2973e6d7fa"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ec2edc91d5-FRA
content-length: 3567

GET
H2 200 splashex.png
ohiodems.org/wp-content/uploads/2023/06/ 3 KB
3 KB 591ms
590ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/06/splashex.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Jun 2023 17:47:52 GMT
server: cloudflare
etag: "8e2760-a50-5fd8dbc28234b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ec2ede91d5-FRA
content-length: 2640

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 108ms
34ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 02:41:24 GMT
x-content-type-options: nosniff
age: 591902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 02:41:24 GMT

GET
H2 200 l
use.typekit.net/af/8a5466/0000000000000000773598c3/30/ 15 KB
15 KB 187ms
48ms Font
application/font-woff2 2a02:26f0:280:6::213:7ad8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a5466/0000000000000000773598c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ad8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce

Request headers

Referer: https://use.typekit.net/tug2lqm.css
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
server: nginx
etag: "01fe4e911d7beee6e4b155fedcfa329f094a89d5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15544

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b29f516afd45c976320627c1c65c04fc5ec1eab3149afd4d45bdce3ef87a0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 23:06:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 110ms
34ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Mar 2024 23:38:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 108ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Mar 2024 23:06:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1294, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: C0SZZche5xvHUieNUSX0fAhZxD60unDUcL9kQZIC8Ctmzx4mXLpsO1Px6mXaQUZz4w8xF8joc+p/iL9p7fDseQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wire.js Show response
t.spbx.app/ 205 B
411 B 508ms
148ms Script
text/javascript 44.210.169.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://t.spbx.app/wire.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-185.compute-1.amazonaws.com
Software: /
Resource Hash: e394cc0aceb1a95f48644d373ceb7a7cb2cd3a1b2976b9cb72f59385642ca5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 11 Mar 2024 23:06:27 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Mon, 11 Mar 2024 23:06:27 GMT
content-length: 205
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 141ms
33ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: adaa123fa1d0f7f5193b7bb75a292de024c06db7633318fa179b94a3479df99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:26 GMT
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 620
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 2087
x-accel-date: 1710196299
x-77-nzt: EgwBw7WqEQH3JwgAAAwB1GY4EQH3BwAAAA
x-accel-expires: @1710199899
x-77-age: 2094
last-modified: Sat, 09 Mar 2024 18:19:13 GMT
server: CDN77-Turbo
etag: W/"14400e3cc853150c8b7727d281dc1424"
x-77-nzt-ray: 4c156224d141c651728eef6549db3d2e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ahPRguBhTM4bl51Yz9NXxiCSDbZ09TQ3YMpmxssx5glslcy1b1YcAg==

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 38ms
38ms Stylesheet
text/css 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63a66e1b3bb126e774cd303a9e80cc8615c66c6056fad6b8e303984772460b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 05:08:59 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 64648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14162
last-modified: Tue, 05 Mar 2024 15:40:47 GMT
server: AmazonS3
etag: "65083c7a2444ef6ebb83a6283c170621"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 3rs1HJ9DqD1YXek8dVWrNgVAqglS3B9VuECFVC71iFMiMLCrIm_U_w==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
635 B 596ms
485ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 14-136585208-136585229 NNNN CT(93 224 0) RT(1710198386019 58) q(0 0 3 1) r(5 5) U24
x-incap-sess-cookie-hdr: WCyuM52PwRKVCt7qMebfEXKO72UAAAAA37CN90txW+p4wjSn5DfZqA==
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 doublearrow.png
ohiodems.org/wp-content/uploads/2022/04/ 1 KB
2 KB 591ms
591ms Image
image/png 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/doublearrow.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 17:56:27 GMT
server: cloudflare
etag: "6e0019-5d0-5dc64a9d3c05d"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ecdf2e91d5-FRA
content-length: 1488

GET
H2 200 Congressional-Endorsement-Cropped-1.jpg
ohiodems.org/wp-content/uploads/2024/01/ 184 KB
184 KB 731ms
731ms Image
image/jpeg 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/Congressional-Endorsement-Cropped-1.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27639455f2e9c87b8e9d22993f53b52711e6c0317cf66876a3e16db8af535686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2024 18:39:25 GMT
server: cloudflare
etag: "6c03cd-2dffb-60f50cca14dc5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ecdf2f91d5-FRA
content-length: 188411

GET
H2 200 DNC-Obama-scaled.jpg
ohiodems.org/wp-content/uploads/2023/08/ 1 MB
1 MB 727ms
726ms Image
image/jpeg 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/08/DNC-Obama-scaled.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc54c5c825952e09b726710b25fa6c04bfec351663d88c7fffa11444bf76d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 17:13:55 GMT
server: cloudflare
etag: "8e5ecb-118099-60321897c6a1b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862f31ecdf3091d5-FRA
content-length: 1147033

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 227ms
59ms Script
application/javascript 18.172.112.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 c0ddd35bae9510a7268b5854c63453cc.cloudfront.net (CloudFront)
Date: Mon, 11 Mar 2024 23:06:24 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 5
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: MvtU2G7d6UA1yGVBKcS8WGTXtuqGCnTxq0nTZjMrwK664qHfzg6pzQ==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2 Show response
secure.ngpvan.com/v1/Forms/ 12 KB
5 KB 612ms
488ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/VcPCd5Dn0Ua_PjWti7X70w2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 14-136585223-134968858 2NNN RT(1710198386059 96) q(0 0 0 4) r(4 4)
content-length: 4497
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: Qfe5ANGxdBK4Ct7qMebfEXKO72UAAAAAYvaDfDNDjIOd4SkaUZUtuA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 120ms
43ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SYH1Q91FVJ&gtm=45je4360v893053656z8893054107za200&_p=1710198386353&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2066923401.1710198387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710198386&sct=1&seg=0&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2482
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 23:06:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 44ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1654032438&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1102680899&gjid=832480293&cid=2066923401.1710198387&tid=UA-239877196-1&_gid=201334116.1710198387&_r=1&_slc=1&gtm=45He4360n81W998DQNv893054107za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2033185398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 23:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 502143008408261 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/502143008408261?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

603e4347a4c475b4aad4eca3dcf8cec81a67c8c275fb41ee75b926e7c648888f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Mar 2024 23:06:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=65, mss=1294, tbw=62514, tp=-1, tpl=-1, uplat=129, ullat=0
pragma: public
x-fb-debug: j2Et2dhPd8MNn/1/pEh0ERa6juib7RHRyC8TEKHLwV+Z6jRQohXqh67QNMlSsxAvtBXowaQFpMAv+jJChcjDkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

940fe5d834e04fbc5c7324598493a8bc541782860906eebb9bf086d267a40da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 23:06:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 42ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JQFF480XQ0&gtm=45je4360v9133832381za220&_p=1710198386353&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=2066923401.1710198387&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sid=1710198386&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2731
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 23:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 131ms
44ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JQFF480XQ0&cid=2066923401.1710198387&gtm=45je4360v9133832381za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 23:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 122ms
46ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JQFF480XQ0&cid=2066923401.1710198387&gtm=45je4360v9133832381za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=468190397

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 23:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1125958801654956 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 274ms
273ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1125958801654956?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af337a5f2c932e9b0e897ac887fd78d805ef7a1ef097c4e248afa8eb1ffba426

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Mar 2024 23:06:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4334, tp=9, tpl=0, uplat=237, ullat=1
pragma: public
x-fb-debug: lPx19g+J1EdhkYUT4OzM0g1XEiWhwF/dEuwaNTlO4CMMANbur8eSEFbLXQdgy6YJVsiaC7AEaMbt1Ck2ZJnHYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
ohiodems.org/wp-includes/js/ 18 KB
5 KB 183ms
183ms Script
application/javascript 2606:4700:10::6816:2c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"6c7c9f-4904-5f3acfe01ab40-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f31ef183f91d5-FRA

GET
H2 200 widget_app_base_1710008228184.js Show response
cdn.userway.org/widgetapp/2024-03-09-18-17-08/ 151 KB
43 KB 140ms
72ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 14e60d13b93db6d3362c04b714da622840a3736df9bd592b2acf0e599a04416b

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:27 GMT
via: 1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 624
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 189333
x-accel-date: 1710009054
x-77-nzt: EgwBw7WqEQH3leMCAAwBJRPCNAH3AQAAAA
x-accel-expires: @1735929053
x-77-age: 189334
last-modified: Sat, 09 Mar 2024 18:19:08 GMT
server: CDN77-Turbo
etag: W/"e2a2ae135ae5445364dcf413e0b89810"
x-77-nzt-ray: 4c156224f435ae55738eef6568c79d07
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: piqZcxFeIApNwbEBXmrEtYRBNHB6lbXi0qNUB0SX_0cSmMA6_QmmmA==

GET
H2 200 wire
t.spbx.app/ 43 B
332 B 1146ms
1146ms Image
image/gif 44.210.169.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.spbx.app/wire?u=https%3A%2F%2Fohiodems.org%2F
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-185.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Mar 2024 23:06:28 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Mon, 11 Mar 2024 23:06:28 GMT
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

POST
H2 200 R4wkoOZoql Show response
api.userway.org/api/tunings/ 504 B
890 B 588ms
193ms XHR
application/json 2600:1f14:5db:eb11:95e1:dfa8:1dff:1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/R4wkoOZoql
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:95e1:dfa8:1dff:1d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9fcedc14a76730f7c9fcd7e9dc42bf6c4f15a2d1557926dc42f6cf42c4c9a356

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 23:06:27 GMT
etag: W/"1f8-OAN7f0aPhFGlCxKN7Pwxjez3Gp8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr5a630b98e9bf4a8
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 504
x-service-version: uw-pr

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 161ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502143008408261&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1710198387326&sw=1600&sh=1200&v=2.9.148&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1710198387324.1924899167&ler=empty&cdl=API_unavailable&it=1710198386823&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1294, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Mar 2024 23:06:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 161ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1125958801654956&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1710198387331&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710198387324.1924899167&ler=empty&cdl=API_unavailable&cs_est=true&it=1710198386823&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1294, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Mar 2024 23:06:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET identity
fastaction.ngpvan.com/api/v2/ 0
0

GET
H2 200 intlTelInput.min.css
static.everyaction.com/ea-actiontag/assets/styles/ 19 KB
20 KB 42ms
42ms Stylesheet
text/css 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 04:21:10 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 67518
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19755
x-amz-cf-id: Ol718TWcAEoPGcGX3zTgFHyUd8ruYvsMt0Dwo6XqI5w31K_IsmwFzA==

GET
H2 200 intlTelInput.js Show response
static.everyaction.com/ea-actiontag/assets/js/ 87 KB
21 KB 50ms
49ms Script
application/javascript 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:41:36 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 545092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20855
last-modified: Tue, 11 Apr 2023 14:36:16 GMT
server: AmazonS3
etag: "0d84f90a2a517cacd498722e0fe0500e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hZq4HRnAC19mlBY45g5mglygM0Tke22nqLbE5Q8Gg3eBPe87tvSm9g==

GET
H2 200 intl-tel.input.utils.js Show response
static.everyaction.com/ea-actiontag/assets/js/ 245 KB
55 KB 72ms
72ms Script
application/javascript 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:41:36 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 545092
x-cache: Hit from cloudfront
content-length: 56004
last-modified: Tue, 12 Apr 2022 14:33:00 GMT
server: AmazonS3
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Yp6_WC20Ai3DJ-YFaVFbjyyLz0I7Am8tmbhYB9x47DDfJMqklNrS1w==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Track/ 0
227 B 570ms
569ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/VcPCd5Dn0Ua_PjWti7X70w2?formSessionId=d9f30e9e-3cc7-49a0-af39-61feed056c83&bName=chrome&dType=desktop&formVersion=6/30/2023%208:50:13%20PM|8/17/2022%202:52:39%20PM&fUrl=aHR0cHM6Ly9vaGlvZGVtcy5vcmcv&fRef=

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Mon, 11 Mar 2024 23:06:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-136585223-136585364 NNNN CT(133 228 0) RT(1710198386059 596) q(0 0 4 -1) r(5 5) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: EZ2rWFGIT3u4Ct7qMebfEXOO72UAAAAAVcHr47wk2OmOzZY7iGLM6g==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 flags.png
static.everyaction.com/ea-actiontag/assets/images/ 20 KB
20 KB 37ms
37ms Image
image/png 2600:9000:2490:3200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/flags.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:13:32 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14219576
x-cache: Hit from cloudfront
content-length: 20389
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xkuHtRCjyee9STEb7hjY2nJ_BIt_rmgS7o_i9200xR8oPOsNepS5_w==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-03-09-18-17-08/locales/ 621 B
1006 B 38ms
37ms XHR
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:27 GMT
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 613
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 189324
x-accel-date: 1710009063
x-77-nzt: EgwBw7WqEQH3jOMCAAwBJRPCMQH3EAAAAA
x-accel-expires: @1735929047
x-77-age: 189340
last-modified: Sat, 09 Mar 2024 18:19:07 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 4c156224f435ae55738eef652891d132
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: Unmd_baIo9Rd3zZ2n025NeppBcducDdjS20qEEetszk5l9mFxrTeWw==

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 28 KB
12 KB 45ms
44ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1710008228184
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d8cbb12d7b6332a9170b8a586eb8249477ce2b92ff714d225918fd5aedbc995f

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:28 GMT
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 622
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 189330
x-accel-date: 1710009058
x-77-nzt: EgwBw7WqEQH3kuMCAAwBJRPCNAH3BQAAAA
x-accel-expires: @1735929053
x-77-age: 189335
last-modified: Sat, 09 Mar 2024 18:19:12 GMT
server: CDN77-Turbo
etag: W/"62d721500af46ecc61ba9a22ff0abe06"
x-77-nzt-ray: 4c156224f435ae55748eef65f3757615
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: WmSMQcSq6NszyHzlCal8orwjGagMD942rEG2PY_0bchMwTad8_flQA==

GET
H2 200 wheel_left_wh.svg
cdn.userway.org/widgetapp/images/ 3 KB
2 KB 37ms
36ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_left_wh.svg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a02859d522d0ddc8d1bb3162c80270a2b60578134c209bedc0d020d1647780c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:28 GMT
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P4
age: 7
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 189297
x-accel-date: 1710009091
x-77-nzt: EgwBw7WqEQH3ceMCAAwBisclwQH3JQAAAA
x-accel-expires: @1735929054
x-77-age: 189334
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"9a2b8dbb4f8fa2f684bee94032650d79"
x-77-nzt-ray: 4c156224d141c651748eef65b102971a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: PQDDyXe5V8ucoGKoX8e65SBnVzuRetcClc4Ffo1zjI7ukr_GSDP3yQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Mar 2024 23:06:28 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 189333
x-accel-date: 1710009055
x-77-nzt: EgwBw7WqEQH3leMCAAwB1GY4EQH3BwAAAA
x-accel-expires: @1735929048
x-77-age: 189340
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 4c156224d141c651748eef65a0759d1a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: z1O0IrM_OV18s2GxoOTCn6D7RSlzCFYvGQxoHUDWTwyhX27D21tNmw==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Track/ 0
193 B 162ms
162ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Mon, 11 Mar 2024 23:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-136585223-136585364 PNNN RT(1710198386059 2180) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: ojcnEPu443y4Ct7qMebfEXSO72UAAAAAYV0eOXblS6Xb+Ko46bhh2g==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastaction.ngpvan.com
URL: https://fastaction.ngpvan.com/api/v2/identity

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohiodems.org/	1970-01-20 19:03:20	Name: __cf_bm Value: ttReQ_yX7ZwMPXGbTOVOwzNM3jdP.dOLQpKKXyQwwQM-1710198385-1.0.1.1-MPLEjO_CObas5eddvgRH9ri1NkiYli1sLdJp8v2LnaRcOBnEnyUzPwOTLhu0yVAzHqq0XtslkwkWyJ8p.APi9w
.ohiodems.org/	1970-01-21 04:39:18	Name: _ga_SYH1Q91FVJ Value: GS1.1.1710198386.1.0.1710198386.0.0.0
.ohiodems.org/	1970-01-21 04:39:18	Name: _ga Value: GA1.2.2066923401.1710198387
.ohiodems.org/	1970-01-20 19:04:44	Name: _gid Value: GA1.2.201334116.1710198387
.ohiodems.org/	1970-01-20 19:03:18	Name: _gat_UA-239877196-1 Value: 1
.ohiodems.org/	1970-01-21 04:39:18	Name: _ga_JQFF480XQ0 Value: GS1.2.1710198386.1.0.1710198386.60.0.0
.ngpvan.com/	1970-01-21 03:48:53	Name: visid_incap_1002065 Value: DPON+u6QSla+LVdL2/XsJnKO72UAAAAAQUIPAAAAAAASeSysM4dChvcr9dBZ88wM
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_1288_1002065 Value: UVyRcoB+4QG4Ct7qMebfEXKO72UAAAAAA+wsxfVCM9lNpoF7pZiZUA==
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: dOh6eljfemJSiGrm0IOYSwAAAAAyPeK5XOgd4n1AeIYMPagf
.ohiodems.org/	1970-01-20 21:12:54	Name: _fbp Value: fb.1.1710198387324.1924899167

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/502143008408261?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://ohiodems.org/ Message: Access to XMLHttpRequest at 'https://fastaction.ngpvan.com/api/v2/identity' from origin 'https://ohiodems.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastaction.ngpvan.com/api/v2/identity Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.userway.org
cdn.userway.org
connect.facebook.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
ohiodems.org
p.typekit.net
profile.ngpvan.com
region1.analytics.google.com
region1.google-analytics.com
secure.ngpvan.com
static.everyaction.com
stats.g.doubleclick.net
t.spbx.app
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
fastaction.ngpvan.com
18.172.112.95
2001:4860:4802:32::36
2600:1f14:5db:eb11:95e1:dfa8:1dff:1d
2600:9000:2490:3200:3:1d53:4780:93a1
2606:4700:10::6816:2c4c
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:809::2008
2a00:1450:4001:812::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:828::200a
2a00:1450:400c:c1d::9c
2a02:26f0:280:6::213:7ac6
2a02:26f0:280:6::213:7ad8
2a02:6ea0:c700::19
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
44.210.169.185
45.60.33.183
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
14e60d13b93db6d3362c04b714da622840a3736df9bd592b2acf0e599a04416b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9
27639455f2e9c87b8e9d22993f53b52711e6c0317cf66876a3e16db8af535686
28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702
2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3
3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce
43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a181707b62a2e32de395e98e92a7dc71e5007be0a540343a006c415ccbdbef1
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4bedb8798259dcc4e32a7cf1c3867680d285be84c4081b4a7fe73b745202b0dc
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad
603e4347a4c475b4aad4eca3dcf8cec81a67c8c275fb41ee75b926e7c648888f
63a66e1b3bb126e774cd303a9e80cc8615c66c6056fad6b8e303984772460b15
687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199
6ace7e5a67aeec033127347fe6d0e13b7ec27746fd1af2f8914efabce105451c
6b29f516afd45c976320627c1c65c04fc5ec1eab3149afd4d45bdce3ef87a0e8
6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4
6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8
6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927
7906e66d33a65d36b932b9cf49fce90202c3b87c68ccf7f08c48d2770bff258d
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
9144aa9dfd0644f2f333905a018bcda112d775b372436d30e183d79cd2610d00
938b69396c1ec191929ff15badb7b213106417883c72522e656eec491154c631
940fe5d834e04fbc5c7324598493a8bc541782860906eebb9bf086d267a40da2
975509ca3c482ec0fa51debff6a08e0f493b4d58aa8133b9b69c691e325f4d56
98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9fcedc14a76730f7c9fcd7e9dc42bf6c4f15a2d1557926dc42f6cf42c4c9a356
a02859d522d0ddc8d1bb3162c80270a2b60578134c209bedc0d020d1647780c5
a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
adaa123fa1d0f7f5193b7bb75a292de024c06db7633318fa179b94a3479df99d
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
af337a5f2c932e9b0e897ac887fd78d805ef7a1ef097c4e248afa8eb1ffba426
af409b4de6ea0c9908395ec5191eff44782cb993eb745da5be594df285f309ec
b98debd222cf3f23b9b38e0a431e1bd41e839eb44855611b8f4d6573ded1ee43
bddcb23a065db2df2d6c8298e0c41a8eb5a04d28b641ac3100392fe921522782
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
cfc54c5c825952e09b726710b25fa6c04bfec351663d88c7fffa11444bf76d94
d530a9cfdecc1885f577fe4987862765a9d6f6a9c0bb99e437823321c3235df4
d8cbb12d7b6332a9170b8a586eb8249477ce2b92ff714d225918fd5aedbc995f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e394cc0aceb1a95f48644d373ceb7a7cb2cd3a1b2976b9cb72f59385642ca5df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed2681d2b550fc2c261293fa14245dbba6b883c4b5677aa56e4d616cf9e85b0d
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3
f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d

ohiodems.org Open in urlscan Pro 2606:4700:10::6816:2c4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

97 %HTTPS

84 %IPv6

16 Domains

22 Subdomains

20 IPs

3 Countries

2852 kBTransfer

7240 kBSize

10 Cookies

20 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ohiodems.org Open in urlscan Pro
2606:4700:10::6816:2c4c Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

97 %
HTTPS

84 %
IPv6

16
Domains

22
Subdomains

20
IPs

3
Countries

2852 kB
Transfer

7240 kB
Size

10
Cookies

79 HTTP transactions
0 data transactions