ohiodems.org Open in urlscan Pro
2606:4700:10::6816:2d4c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ohiodems.org/
Submission: On March 12 via api (March 12th 2024, 11:07:39 pm UTC) from DE — Scanned from DE

Summary HTTP 79 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 79 HTTP transactions. The main IP is 2606:4700:10::6816:2d4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:10:... 2606:4700:10::6816:2d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2490:9e00:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 _) (CDN77 _)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	18.172.112.16 18.172.112.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.169.67.61 35.169.67.61	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1f14:5db... 2600:1f14:5db:eb00:117:26e:7bdd:51f8	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:2251:d000:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
79	20

35 2606:4700:10::6816:2d4c (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2490:9e00:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-16.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.67.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-67-61.compute-1.amazonaws.com

t.spbx.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb00:117:26e:7bdd:51f8 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:d000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ohiodems.org ohiodems.org	6 MB
7	userway.org cdn.userway.org — Cisco Umbrella Rank: 3126 api.userway.org — Cisco Umbrella Rank: 3117	62 KB
4	cloudfront.net d3rse9xjbp8270.cloudfront.net	116 KB
4	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 55853 secure.ngpvan.com — Cisco Umbrella Rank: 152884 fastaction.ngpvan.com Failed	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	254 KB
3	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 85029	263 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 457 p.typekit.net — Cisco Umbrella Rank: 552	16 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 368	32 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	305 B
2	spbx.app t.spbx.app	744 B
1	google.de www.google.de — Cisco Umbrella Rank: 6744	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	251 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656	54 B
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 22942	44 KB
1	gstatic.com fonts.gstatic.com	34 KB
79	17

	Domain	Requested by
35	ohiodems.org	ohiodems.org
6	cdn.userway.org	ohiodems.org cdn.userway.org
4	d3rse9xjbp8270.cloudfront.net	static.everyaction.com d3rse9xjbp8270.cloudfront.net
3	connect.facebook.net	ohiodems.org connect.facebook.net
3	secure.ngpvan.com	static.everyaction.com ohiodems.org
3	www.googletagmanager.com	ohiodems.org www.googletagmanager.com www.google-analytics.com
3	static.everyaction.com	ohiodems.org static.everyaction.com
2	www.facebook.com	ohiodems.org
2	t.spbx.app	www.googletagmanager.com ohiodems.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	use.typekit.net	ohiodems.org use.typekit.net
2	fonts.googleapis.com	ohiodems.org
1	www.google.de	ohiodems.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	api.userway.org	cdn.userway.org
1	region1.google-analytics.com	www.googletagmanager.com
1	js.verygoodvault.com	static.everyaction.com
1	profile.ngpvan.com	static.everyaction.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	ajax.googleapis.com	ohiodems.org
0	fastaction.ngpvan.com Failed	static.everyaction.com
79	23

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
792c17.myshopify.com
www.facebook.com
twitter.com
www.instagram.com
fastaction.ngpvan.com
www.mobilize.us
www.voteohio.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
static.everyaction.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-21` - `2024-03-20`	3 months	crt.sh
t.spbx.app Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ohiodems.org/
Frame ID: DC44F94019E514160CDFA60B20ED50C6
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Democrats - Fighting For Ohio Workers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

84 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

6711 kB
Transfer

9024 kB
Size

10
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.actblue.com/donate/odpwebsite_22
Title: Donate

Search URL Search Domain Scan URL

URL: https://792c17.myshopify.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems

Search URL Search Domain Scan URL

URL: https://twitter.com/OHDems

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ohdems/

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=5&recurring=true
Title: $5

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=10&recurring=true
Title: 10

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=20.24&recurring=true
Title: $20.24

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=50&recurring=true
Title: $50

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=100&recurring=true
Title: $100

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=250&recurring=true
Title: $250

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=500&recurring=true
Title: $500

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/ohiodemsinvest_2024?refcode=website&amount=1000&recurring=true
Title: $1000

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.mobilize.us/ohdems/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/dcccfrontlineohio_24?refcode=website
Title: Act Now!

Search URL Search Domain Scan URL

URL: https://www.voteohio.gov/
Title: Ohio Voter Information Center www.voteohio.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 37 KB
10 KB 811ms
772ms Document
text/html 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ad4a306b1f51f38e21d5e719b2d7ab77d7baac7044f4e725015e358e0610f3cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 863770e2b99a718b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 12 Mar 2024 23:07:32 GMT
link: <https://ohiodems.org/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 108 KB
14 KB 583ms
581ms Stylesheet
text/css 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
server: cloudflare
etag: W/"6c06da-1ae43-60fb5b4423900-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 863770e79de0718b-FRA

GET
H2 200 styles.css
ohiodems.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 582ms
580ms Stylesheet
text/css 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1405-b4e-60f3d1910a43b-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 863770e79de2718b-FRA

GET
H2 200 style.css
ohiodems.org/wp-content/themes/altitude-pro/ 68 KB
13 KB 583ms
582ms Stylesheet
text/css 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938b69396c1ec191929ff15badb7b213106417883c72522e656eec491154c631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 19:55:37 GMT
server: cloudflare
etag: W/"6c594a-11168-60fdeae0c4349-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 863770e79de4718b-FRA

GET
H2 200 dashicons.min.css
ohiodems.org/wp-includes/css/ 58 KB
35 KB 575ms
574ms Stylesheet
text/css 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dashicons.min.css?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
etag: W/"6c765d-e688-5bca85cdbf580-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 863770e79de6718b-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
902 B 121ms
43ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ek+Mukta%3A200%2C800&display=swap&ver=1.5.0

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a181707b62a2e32de395e98e92a7dc71e5007be0a540343a006c415ccbdbef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 23:07:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 23:07:32 GMT

GET
H2 200 style.css
ohiodems.org/wp-content/plugins/cf7-conditional-fields/ 2 KB
648 B 594ms
593ms Stylesheet
text/css 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:09:06 GMT
server: cloudflare
etag: W/"6c13e3-651-60f3d18fdb870-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 863770e79de7718b-FRA

GET
H2 200 jquery.min.js Show response
ohiodems.org/wp-includes/js/jquery/ 86 KB
30 KB 599ms
598ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 14:35:09 GMT
server: cloudflare
etag: W/"6c7c0e-15601-609a4fe800695-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770e79de8718b-FRA

GET
H2 200 jquery-migrate.min.js Show response
ohiodems.org/wp-includes/js/jquery/ 13 KB
5 KB 573ms
572ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
etag: W/"6c7c06-3509-5fdabee5f2100-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770e79de9718b-FRA

GET
H2 200 tug2lqm.css
use.typekit.net/ 2 KB
866 B 201ms
171ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tug2lqm.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ed2681d2b550fc2c261293fa14245dbba6b883c4b5677aa56e4d616cf9e85b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 12 Mar 2024 23:07:32 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 643

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
723 B 122ms
44ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af409b4de6ea0c9908395ec5191eff44782cb993eb745da5be594df285f309ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 23:07:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 23:07:32 GMT

GET
H2 200 nav_fb.png
ohiodems.org/wp-content/uploads/2024/01/ 5 KB
5 KB 571ms
570ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_fb.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98debd222cf3f23b9b38e0a431e1bd41e839eb44855611b8f4d6573ded1ee43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:33:00 GMT
server: cloudflare
etag: "6c03c0-1327-60f3d6e704cc9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770e79dec718b-FRA
content-length: 4903

GET
H2 200 nav_tw.png
ohiodems.org/wp-content/uploads/2024/01/ 6 KB
6 KB 567ms
567ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_tw.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bddcb23a065db2df2d6c8298e0c41a8eb5a04d28b641ac3100392fe921522782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Jan 2024 19:33:00 GMT
server: cloudflare
etag: "6c03bd-1966-60f3d6e69ccb5"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770e79dee718b-FRA
content-length: 6502

GET
H2 200 nav_ig.png
ohiodems.org/wp-content/uploads/2024/01/ 7 KB
7 KB 597ms
597ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/nav_ig.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7906e66d33a65d36b932b9cf49fce90202c3b87c68ccf7f08c48d2770bff258d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Jan 2024 19:32:59 GMT
server: cloudflare
etag: "6c03bb-1cb9-60f3d6e639ac2"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb18bf718b-FRA
content-length: 7353

GET
H2 200 hero_logo.png
ohiodems.org/wp-content/uploads/2022/06/ 44 KB
44 KB 573ms
573ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/06/hero_logo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Jun 2022 13:20:02 GMT
server: cloudflare
etag: "6e1778-b01b-5e281e4e5e136"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb28c2718b-FRA
content-length: 45083

GET
H2 200 webpopup.jpg
ohiodems.org/wp-content/uploads/2023/11/ 164 KB
165 KB 575ms
573ms Image
image/jpeg 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/11/webpopup.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9144aa9dfd0644f2f333905a018bcda112d775b372436d30e183d79cd2610d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Wed, 08 Nov 2023 02:50:00 GMT
server: cloudflare
etag: "960464-29163-6099b24b0145e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb8968718b-FRA
content-length: 168291

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 14:38:03 GMT

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 843 KB
237 KB 75ms
11ms Script
application/javascript 2600:9000:2490:9e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61dbcbef97240ee8e715b49b761817ae239fd06f8786d8c4f3b1d57e8a36d2c3

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:37:38 GMT
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 30595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 241668
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "9273b9132f4fc9f01f3018af1e1f7f9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: ha6a9GYaU_t1Mb6R-y0HwhIRflATwD-E0tQM8to3oJaZ9P_D3-jNNA==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 74ms
10ms Stylesheet
text/css 2600:9000:2490:9e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5c974f1e5d7bbff53628c97444ed7201fd2e60f802096fe97dcb8bb88b92165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:37:38 GMT
content-encoding: gzip
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 30595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11704
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "9145c1834d4c50ce8964c2b6b23d92eb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: AIPswigZkSeOUY6dt4p1-r3OhwhpxHBckWHpCQGIYctfG6CyIdQuEQ==

GET
H2 200 overhanglogo.png
ohiodems.org/wp-content/uploads/2022/04/ 9 KB
9 KB 577ms
576ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/overhanglogo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Apr 2022 19:53:06 GMT
server: cloudflare
etag: "6e0bcd-2463-5dc29f17409f9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb9976718b-FRA
content-length: 9315

GET
H2 200 cutouts.jpg
ohiodems.org/wp-content/uploads/2022/04/ 222 KB
222 KB 582ms
581ms Image
image/jpeg 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/cutouts.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 08 Apr 2022 19:42:43 GMT
server: cloudflare
etag: "6e0bc4-376d6-5dc29cc585f9f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb9978718b-FRA
content-length: 227030

GET
H2 200 foot_fb.png
ohiodems.org/wp-content/uploads/2022/07/ 5 KB
5 KB 571ms
570ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_fb.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Jul 2022 20:56:13 GMT
server: cloudflare
etag: "90384a-123b-5e3293316197f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb9979718b-FRA
content-length: 4667

GET
H2 200 foot_tw.png
ohiodems.org/wp-content/uploads/2022/07/ 6 KB
6 KB 581ms
580ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_tw.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2022 20:56:14 GMT
server: cloudflare
etag: "90384d-1869-5e3293319f1e6"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb997b718b-FRA
content-length: 6249

GET
H2 200 foot_ig.png
ohiodems.org/wp-content/uploads/2022/07/ 7 KB
7 KB 596ms
595ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/07/foot_ig.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2022 20:56:14 GMT
server: cloudflare
etag: "90384f-1b75-5e329331dab0c"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb997c718b-FRA
content-length: 7029

GET
H2 200 index.js Show response
ohiodems.org/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 574ms
572ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1433-2b6d-60f3d1910bf93-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb8969718b-FRA

GET
H2 200 index.js Show response
ohiodems.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 577ms
576ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jan 2024 19:09:08 GMT
server: cloudflare
etag: W/"6c1411-337e-60f3d1910aff3-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb896a718b-FRA

GET
H2 200 hoverIntent.min.js Show response
ohiodems.org/wp-includes/js/ 1 KB
813 B 571ms
569ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"6c7ad1-5db-5dc2a2438e980-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb896d718b-FRA

GET
H2 200 superfish.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 581ms
579ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a202c-1193-60fdb7275fbef-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb896e718b-FRA

GET
H2 200 superfish.args.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/menu/ 132 B
241 B 567ms
565ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a202e-84-60fdb7275fbef-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb896f718b-FRA

GET
H2 200 skip-links.min.js Show response
ohiodems.org/wp-content/themes/genesis/lib/js/ 386 B
336 B 568ms
566ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 16:04:12 GMT
server: cloudflare
etag: W/"7a2014-182-60fdb7275c53f-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb8970718b-FRA

GET
H2 200 global.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 507 B
405 B 579ms
578ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/global.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1172-1fb-5db743e7a8a62-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb8971718b-FRA

GET
H2 200 responsive-menus.min.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 4 KB
1 KB 570ms
568ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/responsive-menus.min.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1174-e64-5db743e8056cc-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb8972718b-FRA

GET
H2 200 home.js Show response
ohiodems.org/wp-content/themes/altitude-pro/js/ 1 KB
645 B 572ms
571ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/altitude-pro/js/home.js?ver=1.5.0
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 30 Mar 2022 19:06:34 GMT
server: cloudflare
etag: W/"6e1173-444-5db743e7fca2b-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb8973718b-FRA

GET
H2 200 scripts.js Show response
ohiodems.org/wp-content/plugins/cf7-conditional-fields/js/ 54 KB
12 KB 584ms
583ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.6
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 19:09:06 GMT
server: cloudflare
etag: W/"6c13df-d9c4-60f3d18fdb0a0-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770eb9974718b-FRA

GET
BLOB 200
OK b7608fb8-cc95-43da-9735-8e828d881ff1
https://ohiodems.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ohiodems.org/b7608fb8-cc95-43da-9735-8e828d881ff1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
79 KB 138ms
59ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97d6655243f49ef563ffb15ea63d39c9a459b07f007a2955378498f935cb3999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80275
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 21:26:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Mar 2024 23:07:33 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 10ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tug2lqm&ht=tk&f=1757.1758&a=87808323&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 ODP_sherrod.mp4
ohiodems.org/wp-content/uploads/homevideo/ 4 MB
4 MB 717ms
717ms Media
video/mp4 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/homevideo/ODP_sherrod.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5098bd5ecb8d7f0804f2077fcf44aabc21eb1ae0b05a574ec0552b8f8aef1bad

Request headers

Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 25 Jan 2023 19:21:04 GMT
server: cloudflare
etag: W/"6c25af-3c32f1-5f31b888dccd5-br"
vary: Accept-Encoding
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 863770eb997d718b-FRA

GET
H2 200 navlogo.png
ohiodems.org/wp-content/uploads/2022/04/ 3 KB
4 KB 568ms
568ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/navlogo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 19:17:59 GMT
server: cloudflare
etag: "6e0123-def-5dc2973e6d7fa"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb9985718b-FRA
content-length: 3567

GET
H2 200 splashex.png
ohiodems.org/wp-content/uploads/2023/06/ 3 KB
3 KB 593ms
592ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/06/splashex.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Jun 2023 17:47:52 GMT
server: cloudflare
etag: "8e2760-a50-5fd8dbc28234b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770eb998d718b-FRA
content-length: 2640

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 117ms
35ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 02:41:24 GMT
x-content-type-options: nosniff
age: 73569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 02:41:24 GMT

GET
H2 200 l
use.typekit.net/af/8a5466/0000000000000000773598c3/30/ 15 KB
15 KB 36ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a5466/0000000000000000773598c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tug2lqm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce

Request headers

Referer: https://use.typekit.net/tug2lqm.css
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
server: nginx
etag: "01fe4e911d7beee6e4b155fedcfa329f094a89d5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15544

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 47ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: adaa123fa1d0f7f5193b7bb75a292de024c06db7633318fa179b94a3479df99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:33 GMT
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 620
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 2130
x-accel-date: 1710282723
x-77-nzt: EgwBw7WvJwH3UggAAAwB1GY4EQH3BwAAAA
x-accel-expires: @1710286323
x-77-age: 2137
last-modified: Sat, 09 Mar 2024 18:19:13 GMT
server: CDN77-Turbo
etag: W/"14400e3cc853150c8b7727d281dc1424"
x-77-nzt-ray: 25b021317b3a475135e0f0655b62e90f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ahPRguBhTM4bl51Yz9NXxiCSDbZ09TQ3YMpmxssx5glslcy1b1YcAg==

GET
H2 200 doublearrow.png
ohiodems.org/wp-content/uploads/2022/04/ 1 KB
2 KB 568ms
568ms Image
image/png 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2022/04/doublearrow.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/wp-content/themes/altitude-pro/style.css?ver=3.5.0.12620241955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 17:56:27 GMT
server: cloudflare
etag: "6e0019-5d0-5dc64a9d3c05d"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770ecbaeb718b-FRA
content-length: 1488

GET
H2 200 Congressional-Endorsement-Cropped-1.jpg
ohiodems.org/wp-content/uploads/2024/01/ 184 KB
184 KB 576ms
576ms Image
image/jpeg 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2024/01/Congressional-Endorsement-Cropped-1.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27639455f2e9c87b8e9d22993f53b52711e6c0317cf66876a3e16db8af535686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 19 Jan 2024 18:39:25 GMT
server: cloudflare
etag: "6c03cd-2dffb-60f50cca14dc5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770ecbaee718b-FRA
content-length: 188411

GET
H2 200 DNC-Obama-scaled.jpg
ohiodems.org/wp-content/uploads/2023/08/ 1 MB
1 MB 704ms
704ms Image
image/jpeg 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2023/08/DNC-Obama-scaled.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc54c5c825952e09b726710b25fa6c04bfec351663d88c7fffa11444bf76d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 17:13:55 GMT
server: cloudflare
etag: "8e5ecb-118099-60321897c6a1b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 863770ecbaef718b-FRA
content-length: 1147033

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 9ms
9ms Stylesheet
text/css 2600:9000:2490:9e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bde98d03e692205a234f91cd6e3af67e9fe47a2b37fe4460f3dea6953f4f86f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:37:36 GMT
content-encoding: gzip
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 30598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14169
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "fb339c13a0237da00bc69c94ca53a865"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 8fXOchMp_lEduxVn7VQWDLTfF8djh6jerrIzQZ_Hdb-T4ZxWEZs3YQ==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
634 B 427ms
393ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 6-42571873-42571877 NNNN CT(92 194 0) RT(1710284852611 12) q(0 0 3 -1) r(4 4) U24
x-incap-sess-cookie-hdr: yEoXXo0kpQcrQ9qUJnshCjXg8GUAAAAAhX/F90992nNJVipl6woBvA==
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 33ms
9ms Script
application/javascript 18.172.112.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
Date: Tue, 12 Mar 2024 23:07:04 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 30
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: EwoGtrTerAbUxamtOQqGdRTWhyCwAcnNJlYAiLhr7ia4OI16QTuKyg==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2 Show response
secure.ngpvan.com/v1/Forms/ 12 KB
5 KB 435ms
404ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/VcPCd5Dn0Ua_PjWti7X70w2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 14-74860985-74860987 NNNN CT(89 188 0) RT(1710284852627 10) q(0 0 3 0) r(4 4) U18
content-length: 4497
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: i2pVXQAjFSEgjdqUJnshCjXg8GUAAAAA3PIdked/WNiwAahVtyXy7Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
88 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e590390b63b0451e2e74d1c8a4e8ec8fdadef1d827177d44e45e15667ef3289d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Mar 2024 23:07:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Mar 2024 21:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4765
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Mar 2024 23:48:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Mar 2024 23:07:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: +8OsWMs2NikTcPRb8n6H9kvSSMu8JUuo50iweXsCtdBWGnq9f+qsuyaWdD80ZJYdsdZA6Jw545P3IDuLVCKOaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wire.js Show response
t.spbx.app/ 205 B
411 B 484ms
103ms Script
text/javascript 35.169.67.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://t.spbx.app/wire.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W998DQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.169.67.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-67-61.compute-1.amazonaws.com
Software: /
Resource Hash: e394cc0aceb1a95f48644d373ceb7a7cb2cd3a1b2976b9cb72f59385642ca5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 12 Mar 2024 23:07:33 GMT
content-length: 205
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 502143008408261 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 108ms
108ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/502143008408261?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

603e4347a4c475b4aad4eca3dcf8cec81a67c8c275fb41ee75b926e7c648888f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Mar 2024 23:07:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=62481, tp=-1, tpl=-1, uplat=100, ullat=0
pragma: public
x-fb-debug: 8tuE9IBqd93EnaGlKDbvjBrRvmid8sXgLj8aLs8kryS9NH1eWrCBL2+ZWN85AOyLm0CcgCRdIKXhuW10oPXJig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 52ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SYH1Q91FVJ&gtm=45je43b0v893053656z8893054107za200&_p=1710284853040&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=983961092.1710284853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710284853&sct=1&seg=0&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1796
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYH1Q91FVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 43ms
42ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=172066244&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=850521556&gjid=439520069&cid=983961092.1710284853&tid=UA-239877196-1&_gid=1555334196.1710284853&_r=1&_slc=1&gtm=45He43b0n81W998DQNv893054107za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=816387070

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1125958801654956 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1125958801654956?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fde16804275ee932741b4d24520254106f54d9fad1e54612f80d17edd12fa419

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Mar 2024 23:07:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4650, tp=12, tpl=0, uplat=63, ullat=0
pragma: public
x-fb-debug: DAsxOn8vzA+MEf3z7DxGv8HHEUJ/lY0gMJiENDDbB8YWAM6TL486GPEncKqErpUPAqNWQRvvyT11nCUKkcJbzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
ohiodems.org/wp-includes/js/ 18 KB
5 KB 568ms
568ms Script
application/javascript 2606:4700:10::6816:2d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:34 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"6c7c9f-4904-5f3acfe01ab40-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 863770ef3d2d718b-FRA

GET
H2 200 widget_app_base_1710008228184.js Show response
cdn.userway.org/widgetapp/2024-03-09-18-17-08/ 151 KB
43 KB 20ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 14e60d13b93db6d3362c04b714da622840a3736df9bd592b2acf0e599a04416b

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:33 GMT
via: 1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 624
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 275798
x-accel-date: 1710009055
x-77-nzt: EgwBw7WvJwH3VjUEAAwBJRPCNAH3AgAAAA
x-accel-expires: @1735929053
x-77-age: 275800
last-modified: Sat, 09 Mar 2024 18:19:08 GMT
server: CDN77-Turbo
etag: W/"e2a2ae135ae5445364dcf413e0b89810"
x-77-nzt-ray: 25b02131db24665535e0f0650e339f26
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: piqZcxFeIApNwbEBXmrEtYRBNHB6lbXi0qNUB0SX_0cSmMA6_QmmmA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
87 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

297a8667966e205cfc4ee1229302647f9d064cf66bb6f5368bd2ab3991606407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Mar 2024 23:07:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502143008408261&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1710284853679&sw=1600&sh=1200&v=2.9.148&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1710284853678.2097738115&ler=empty&cdl=API_unavailable&it=1710284853341&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Mar 2024 23:07:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 22ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1125958801654956&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1710284853680&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710284853678.2097738115&ler=empty&cdl=API_unavailable&cs_est=true&it=1710284853341&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Mar 2024 23:07:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 R4wkoOZoql Show response
api.userway.org/api/tunings/ 504 B
890 B 539ms
177ms XHR
application/json 2600:1f14:5db:eb00:117:26e:7bdd:51f8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/R4wkoOZoql
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:117:26e:7bdd:51f8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9fcedc14a76730f7c9fcd7e9dc42bf6c4f15a2d1557926dc42f6cf42c4c9a356

Request headers

Referer: https://ohiodems.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 12 Mar 2024 23:07:34 GMT
etag: W/"1f8-OAN7f0aPhFGlCxKN7Pwxjez3Gp8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr18c7f4bacab5430
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 504
x-service-version: uw-pr

GET identity
fastaction.ngpvan.com/api/v2/ 0
0

GET
H2 200 intlTelInput.min.css
d3rse9xjbp8270.cloudfront.net/assets/styles/ 19 KB
20 KB 27ms
9ms Stylesheet
text/css 2600:9000:2251:d000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:28:56 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 18:06:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2317
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19755
x-amz-cf-id: lLeZM1cbtwVoVm6KGw30tq8dooVLgMX5YxYfdjBWZqdtFY4C2bbHVA==

GET
H2 200 intlTelInput.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 87 KB
21 KB 25ms
8ms Script
application/javascript 2600:9000:2251:d000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intlTelInput.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 13:32:41 GMT
content-encoding: gzip
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 380093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20855
last-modified: Tue, 11 Apr 2023 14:36:04 GMT
server: AmazonS3
etag: "0d84f90a2a517cacd498722e0fe0500e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5hBEHD1pjzMzvhvpWOVVDqiDk7Q-_jWjOkXZLbeNiwKk4EuDowsFNw==

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 245 KB
55 KB 31ms
14ms Script
application/javascript 2600:9000:2251:d000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 11:41:13 GMT
content-encoding: gzip
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3842781
x-cache: Hit from cloudfront
content-length: 56004
last-modified: Tue, 12 Apr 2022 14:32:46 GMT
server: AmazonS3
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OEM-H5hfnrnk5WXXll1YxBcCBvhh5ZFqnyO_9zmsdDHWPtsOrDBNlg==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Track/ 0
215 B 112ms
111ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/VcPCd5Dn0Ua_PjWti7X70w2?formSessionId=1d6dc5cd-760e-4674-a535-a315f5847639&bName=chrome&dType=desktop&formVersion=6/30/2023%208:50:13%20PM|8/17/2022%202:52:39%20PM&fUrl=aHR0cHM6Ly9vaGlvZGVtcy5vcmcv&fRef=

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-74860985-74860987 PNNN RT(1710284852627 433) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: 0Hv9USyRP3cgjdqUJnshCjXg8GUAAAAAQmtc4QHgqGlNe+QzlUg6Eg==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 20 KB
20 KB 8ms
7ms Image
image/png 2600:9000:2251:d000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:07:04 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5907629
x-cache: Hit from cloudfront
content-length: 20389
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: n--XppFlDcWNXschp-EVrhdekT6s7JI-Tt29I3g4sUZK5fMTpn9Cag==

GET
H2 200 wire
t.spbx.app/ 43 B
333 B 1103ms
1103ms Image
image/gif 35.169.67.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.spbx.app/wire?u=https%3A%2F%2Fohiodems.org%2F
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.169.67.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-67-61.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Mar 2024 23:07:34 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 12 Mar 2024 23:07:34 GMT
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JQFF480XQ0&gtm=45je43b0v9133832381za200&_p=1710284853040&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=983961092.1710284853&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democrats%20-%20Fighting%20For%20Ohio%20Workers&sid=1710284853&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2225
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JQFF480XQ0&cid=983961092.1710284853&gtm=45je43b0v9133832381za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQFF480XQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 124ms
46ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JQFF480XQ0&cid=983961092.1710284853&gtm=45je43b0v9133832381za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=681755035

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:07:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-03-09-18-17-08/locales/ 621 B
1006 B 7ms
7ms XHR
application/json 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:34 GMT
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 613
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 275795
x-accel-date: 1710009059
x-77-nzt: EgwBw7WvJwH3UzUEAAwBJRPCMQH3DAAAAA
x-accel-expires: @1735929047
x-77-age: 275807
last-modified: Sat, 09 Mar 2024 18:19:07 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 25b02131db24665536e0f065c18e910d
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: Unmd_baIo9Rd3zZ2n025NeppBcducDdjS20qEEetszk5l9mFxrTeWw==

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 28 KB
12 KB 7ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1710008228184
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-09-18-17-08/widget_app_base_1710008228184.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d8cbb12d7b6332a9170b8a586eb8249477ce2b92ff714d225918fd5aedbc995f

Request headers

Referer: https://ohiodems.org/
Origin: https://ohiodems.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:34 GMT
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 622
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 275796
x-accel-date: 1710009058
x-77-nzt: EgwBw7WvJwH3VDUEAAwBJRPCNAH3BQAAAA
x-accel-expires: @1735929053
x-77-age: 275801
last-modified: Sat, 09 Mar 2024 18:19:12 GMT
server: CDN77-Turbo
etag: W/"62d721500af46ecc61ba9a22ff0abe06"
x-77-nzt-ray: 25b02131db24665536e0f065c1988b2b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: WmSMQcSq6NszyHzlCal8orwjGagMD942rEG2PY_0bchMwTad8_flQA==

GET
H2 200 wheel_left_wh.svg
cdn.userway.org/widgetapp/images/ 3 KB
2 KB 8ms
7ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_left_wh.svg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a02859d522d0ddc8d1bb3162c80270a2b60578134c209bedc0d020d1647780c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:34 GMT
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P4
age: 7
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 275761
x-accel-date: 1710009093
x-77-nzt: EgwBw7WvJwH3MTUEAAwBisclwQH3JwAAAA
x-accel-expires: @1735929054
x-77-age: 275800
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"9a2b8dbb4f8fa2f684bee94032650d79"
x-77-nzt-ray: 25b021317b3a475136e0f065146f852c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: PQDDyXe5V8ucoGKoX8e65SBnVzuRetcClc4Ffo1zjI7ukr_GSDP3yQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Mar 2024 23:07:34 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 275800
x-accel-date: 1710009054
x-77-nzt: EgwBw7WvJwH3WDUEAAwB1GY4EQH3BgAAAA
x-accel-expires: @1735929048
x-77-age: 275806
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 25b021317b3a475136e0f06599f38e2c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: z1O0IrM_OV18s2GxoOTCn6D7RSlzCFYvGQxoHUDWTwyhX27D21tNmw==

GET
H2 200 VcPCd5Dn0Ua_PjWti7X70w2
secure.ngpvan.com/v1/Track/ 0
193 B 108ms
108ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 12 Mar 2024 23:07:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-74860985-74860987 PNNN RT(1710284852627 1961) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: hjBlQ19fgR4gjdqUJnshCjbg8GUAAAAAQSIf37LmqhuWPIvf++5aGg==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastaction.ngpvan.com
URL: https://fastaction.ngpvan.com/api/v2/identity

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohiodems.org/	1970-01-20 19:04:46	Name: __cf_bm Value: zK4Xud5oIINW5wqR7DUIpbvH0_0XPqx_tWcgRrj43qY-1710284852-1.0.1.1-RAQWkbAb6SdjFaJQewy4OleV.orWGfsw3iOfpfjb5jlrUrT4IxfWPX2MVqbwoZrIHzT0albEv.CZQrZvZbIwyg
.ohiodems.org/	1970-01-21 04:40:44	Name: _ga_SYH1Q91FVJ Value: GS1.1.1710284853.1.0.1710284853.0.0.0
.ohiodems.org/	1970-01-21 04:40:44	Name: _ga Value: GA1.2.983961092.1710284853
.ohiodems.org/	1970-01-20 19:06:11	Name: _gid Value: GA1.2.1555334196.1710284853
.ohiodems.org/	1970-01-20 19:04:44	Name: _gat_UA-239877196-1 Value: 1
.ohiodems.org/	1970-01-20 21:14:20	Name: _fbp Value: fb.1.1710284853678.2097738115
.ngpvan.com/	1970-01-21 03:50:18	Name: visid_incap_1002065 Value: RJGUBwXiSb+zG+2Da8PnrTTg8GUAAAAAQUIPAAAAAADoHYhMinO3e3akefM2iL9f
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: QkgwAWKgTFa2XHOq0IOYSwAAAABiA7vU/bUaN/cqaIwBopxU
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_730_1002065 Value: i1oUYDPpnDcgjdqUJnshCjXg8GUAAAAAFH6oovLEYe16UK1gj2ohIw==
.ohiodems.org/	1970-01-21 04:40:44	Name: _ga_JQFF480XQ0 Value: GS1.2.1710284853.1.0.1710284853.60.0.0

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/502143008408261?v=2.9.148&r=stable&domain=ohiodems.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://ohiodems.org/ Message: Access to XMLHttpRequest at 'https://fastaction.ngpvan.com/api/v2/identity' from origin 'https://ohiodems.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastaction.ngpvan.com/api/v2/identity Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ohiodems.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.userway.org
cdn.userway.org
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
ohiodems.org
p.typekit.net
profile.ngpvan.com
region1.analytics.google.com
region1.google-analytics.com
secure.ngpvan.com
static.everyaction.com
stats.g.doubleclick.net
t.spbx.app
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
fastaction.ngpvan.com
18.172.112.16
2001:4860:4802:32::36
2600:1f14:5db:eb00:117:26e:7bdd:51f8
2600:9000:2251:d000:12:303c:8700:21
2600:9000:2490:9e00:3:1d53:4780:93a1
2606:4700:10::6816:2d4c
2a00:1450:4001:80e::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:400c:c06::9d
2a02:26f0:3500:16::215:1495
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.169.67.61
45.60.33.183
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0258d5c0d15c32511b30a8ca0a0df3fc93a6174244c3f8d011c781a6948760ce
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
14e60d13b93db6d3362c04b714da622840a3736df9bd592b2acf0e599a04416b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
20b48b9529dd98ff865d7cba801abbcd1006e7a18804b477dfb96cb848f690c9
27639455f2e9c87b8e9d22993f53b52711e6c0317cf66876a3e16db8af535686
28627331b8e328fd30a18b05cba4ac67c91d50549b5c8eba81868fcd64ab9702
297a8667966e205cfc4ee1229302647f9d064cf66bb6f5368bd2ab3991606407
2acd56db5d22e817a6aed118c4506e242e22b747af782a0d1b4bcf7ec493c7b3
3ceb0522bf2a32da9c67d49e211bed847d761f1f0495d030734f75e725598dce
43629ae2d4da09b8bd9312007e071ebff300e4e5e81e4b8b3e4f5e2a5820774c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a181707b62a2e32de395e98e92a7dc71e5007be0a540343a006c415ccbdbef1
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5098bd5ecb8d7f0804f2077fcf44aabc21eb1ae0b05a574ec0552b8f8aef1bad
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58ec10da0d86efff8c2f3846a190dfea204226424bcb714593d8d04e8e716fad
603e4347a4c475b4aad4eca3dcf8cec81a67c8c275fb41ee75b926e7c648888f
61dbcbef97240ee8e715b49b761817ae239fd06f8786d8c4f3b1d57e8a36d2c3
687fb27ed8df51935a6b49f3c2b9da41176ffbd2a81b824af23302c5e50de199
6ec9784521c4a1d560257c24e0ba9e1d74a18b56c6cd0dd1bda0f6fa295f00a4
6fa1b4e37d7b21750150144adba6bb4514bcff546ff9accff2571e61d6ddeac8
6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927
7906e66d33a65d36b932b9cf49fce90202c3b87c68ccf7f08c48d2770bff258d
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
84d34890d670cc72630c39d56f144fa87bf328c3a9775398f3c41387fea0c4d7
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
9144aa9dfd0644f2f333905a018bcda112d775b372436d30e183d79cd2610d00
938b69396c1ec191929ff15badb7b213106417883c72522e656eec491154c631
97d6655243f49ef563ffb15ea63d39c9a459b07f007a2955378498f935cb3999
98c0ce38c154317731becfe02c80432cc6b0ccd92a677e638067c638cfa7ada3
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9fcedc14a76730f7c9fcd7e9dc42bf6c4f15a2d1557926dc42f6cf42c4c9a356
a02859d522d0ddc8d1bb3162c80270a2b60578134c209bedc0d020d1647780c5
a8a5f5ebe2803d1a4c14ba8d7fcf37e8446061c0fc382776fbfec789409f384f
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
ad4a306b1f51f38e21d5e719b2d7ab77d7baac7044f4e725015e358e0610f3cc
adaa123fa1d0f7f5193b7bb75a292de024c06db7633318fa179b94a3479df99d
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
af409b4de6ea0c9908395ec5191eff44782cb993eb745da5be594df285f309ec
b98debd222cf3f23b9b38e0a431e1bd41e839eb44855611b8f4d6573ded1ee43
bddcb23a065db2df2d6c8298e0c41a8eb5a04d28b641ac3100392fe921522782
bde98d03e692205a234f91cd6e3af67e9fe47a2b37fe4460f3dea6953f4f86f6
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
cfc54c5c825952e09b726710b25fa6c04bfec351663d88c7fffa11444bf76d94
d5c974f1e5d7bbff53628c97444ed7201fd2e60f802096fe97dcb8bb88b92165
d8cbb12d7b6332a9170b8a586eb8249477ce2b92ff714d225918fd5aedbc995f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e394cc0aceb1a95f48644d373ceb7a7cb2cd3a1b2976b9cb72f59385642ca5df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e590390b63b0451e2e74d1c8a4e8ec8fdadef1d827177d44e45e15667ef3289d
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed2681d2b550fc2c261293fa14245dbba6b883c4b5677aa56e4d616cf9e85b0d
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3
f80fe32374201408d84bfa0f7a67e325c38d4c4a8f44517ce3e1373c4de9fa7d
fde16804275ee932741b4d24520254106f54d9fad1e54612f80d17edd12fa419

ohiodems.org Open in urlscan Pro 2606:4700:10::6816:2d4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

97 %HTTPS

84 %IPv6

17 Domains

23 Subdomains

20 IPs

3 Countries

6711 kBTransfer

9024 kBSize

10 Cookies

20 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ohiodems.org Open in urlscan Pro
2606:4700:10::6816:2d4c Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

97 %
HTTPS

84 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

6711 kB
Transfer

9024 kB
Size

10
Cookies

79 HTTP transactions
0 data transactions