urlscan.io logo urlscan.io
SecurityTrails logo

plamsasecrety.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www5.dmpcalibermail.com/caliberamp/main/index.php?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Da...
Effective URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Submission: On July 31 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is plamsasecrety.com.
TLS certificate: Issued by GTS CA 1P5 on July 22nd 2023. Valid for: 3 months.
This is the only time plamsasecrety.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 216.205.154.87 7381 (SRS-6-Z-7381)
1 95.217.145.143 24940 (HETZNER-AS)
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
19 4
Apex Domain
Subdomains		 Transfer
12 plamsasecrety.com
plamsasecrety.com
167 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6466
17 KB
2 dmplocal.com
caliberamp.dmplocal.com
2 KB
1 ytdownloadermp3.com
ytdownloadermp3.com
442 B
1 dmpcalibermail.com
www5.dmpcalibermail.com
639 B
19 5
Domain Requested by
12 plamsasecrety.com plamsasecrety.com
4 challenges.cloudflare.com plamsasecrety.com
challenges.cloudflare.com
2 caliberamp.dmplocal.com 2 redirects
1 ytdownloadermp3.com
1 www5.dmpcalibermail.com 1 redirects
19 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
ytdownloadermp3.com
R3		 2023-06-16 -
2023-09-14		 3 months crt.sh
plamsasecrety.com
GTS CA 1P5		 2023-07-22 -
2023-10-20		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Frame ID: 20AEAC39510691FA6A24E6A4B955BC7F
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pncci/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 80B6987250374F5A0058019C39CBEC25
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8sj1j/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 3C56B00A9739F67642D9FF73366E1222
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov Page URL
  2. https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov Page URL

Page Statistics

19
Requests

89 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

184 kB
Transfer

464 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov Page URL
  2. https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www5.dmpcalibermail.com/caliberamp/main/index.php?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Acampaign_name%5D&id=3001056&contact_uuid=d0cc097f-162a-4057-a799-b15f2e95733b&dest=https%3A%2F%2Fytdownloadermp3.com%2Fscallering%2Fertuding%2FsJhvX1%2FYW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292 HTTP 301
  • http://caliberamp.dmplocal.com/main/index.php?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Acampaign_name%5D&id=3001056&contact_uuid=d0cc097f-162a-4057-a799-b15f2e95733b&dest=https%3A%2F%2Fytdownloadermp3.com%2Fscallering%2Fertuding%2FsJhvX1%2FYW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292 HTTP 302
  • https://caliberamp.dmplocal.com/main/?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Acampaign_name%5D&id=3001056&contact_uuid=d0cc097f-162a-4057-a799-b15f2e95733b&dest=https%3A%2F%2Fytdownloadermp3.com%2Fscallering%2Fertuding%2FsJhvX1%2FYW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292 HTTP 302
  • https://ytdownloadermp3.com/scallering/ertuding/sJhvX1/YW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
YW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292
ytdownloadermp3.com/scallering/ertuding/sJhvX1/
Redirect Chain
  • http://www5.dmpcalibermail.com/caliberamp/main/index.php?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Aca...
  • http://caliberamp.dmplocal.com/main/index.php?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Acampaign_name...
  • https://caliberamp.dmplocal.com/main/?action=t&tag=https%3A%2F%2Fwww.newrezwholesale.com%2F%3Futm_source%3Damp&utm_medium=email&utm_campaign=footer_logo&utm_content=%5Bemail%3Acampaign_name%5D&id=3...
  • https://ytdownloadermp3.com/scallering/ertuding/sJhvX1/YW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292
0
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ytdownloadermp3.com/scallering/ertuding/sJhvX1/YW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.145.143 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.143.145.217.95.clients.your-server.de
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=2592000
Connection
Keep-Alive
Content-Encoding
br
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 17:53:16 GMT
Expires
Wed, 30 Aug 2023 17:53:16 GMT
Keep-Alive
timeout=5, max=300
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
refresh
0;url=https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 31 Jul 2023 17:53:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=2, max=1000
Location
https://ytdownloadermp3.com/scallering/ertuding/sJhvX1/YW5kcmV3Lmphbm5pbmdAZHlzLm9oaW8uZ292
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
X-UA-Compatible
chrome=1
X-XSS-Protection
0
Mandrew.janning@dys.ohio.gov
plamsasecrety.com/ 		6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da8ec0526536384b3047fb0090ca36ad452d1818b8c2c7f513a758d76bcdff4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ytdownloadermp3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ef7b330fcedbb62-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 31 Jul 2023 17:53:16 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FyTW%2FH9ZkBs6rYYQfKNvkS1zQsn83Oev9Qph8hYl8alFHw6oJUKduPkTKOl%2BHeVCxiKzEbTZYaDM796IAMc5h9WsOaCfuLi537DcbCNKOZnKmcozv8c1P3AwutEo6V9qwD7sHyjx1%2BUsKbNjYVdRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
plamsasecrety.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/styles/challenges.css
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jul 2023 12:04:41 GMT
server
cloudflare
etag
W/"64c3aed9-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7ef7b3313d3ebb62-FRA
expires
Mon, 31 Jul 2023 19:53:16 GMT
v1
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b330fcedbb62
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f6b580d7dd292a353bae8afebb7161f31a07e1c453d8f46643753b47dbf536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov?__cf_chl_rt_tk=6T46.vJSOhtYbOxP9BplQxh0FUvv21VLRrPgy1HsiuQ-1690825996-0-gaNycGzNDCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlFWHQ8FtgmmcOb0wKxDIfgEH1f9Usaok1mVunDSrWaEoQKtzRutdRzWkG%2FGNdRDu1TDMV%2BiVqLQPZNCv5xjESZL5Ezb%2B4d6K21ksUpx8oP2VH0qJjXeqNK4weQmMCnGd9OgcBfNo4kPtyvNaXsUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7ef7b3315d70bb62-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/11b725eb/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b330fcedbb62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

Referer
Origin
https://plamsasecrety.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ef7b332bde83614-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
plamsasecrety.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plamsasecrety.com/favicon.ico
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d5643c6886ad8087d6b5ad6fc7a2e0619ba473ea7cdb433c60ef0cabce5c8c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdoUloXRNRc7hKOJmPPUzg4WPt57t5tUxmCMj%2FNy%2FR35WhwH46aV0ESiJ8yJ21lDiOX4TWPv5nm56ifrUe%2FXz3S98e%2FDw1poBdAOUscrt01uehRDrqebgqaFLc%2FGgA3Pr0mx5Ji8yuk6OnvWhh0yMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7ef7b331aa021c09-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
1c9a195d-af62-46dd-a67d-86df82acd95f
https://plamsasecrety.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://plamsasecrety.com/1c9a195d-af62-46dd-a67d-86df82acd95f
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
b75d737d0b20b15
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/964608831:1690823453:63YWnKZbFcVXV0o9O4W53YfhOURnuk1K2YQ0hQbF28I/7ef7b330fcedbb62/ 		9 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/964608831:1690823453:63YWnKZbFcVXV0o9O4W53YfhOURnuk1K2YQ0hQbF28I/7ef7b330fcedbb62/b75d737d0b20b15
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b330fcedbb62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85748876ae315ab1584a78035c71baf9d728bdd69fb59ed47ccf5290e413c57

Request headers

Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
b75d737d0b20b15
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33VE97wNr2EzMF7BocVlt0%2FDHZZ%2BY4ZlJGOTCYGcx1esggfh1QK05gNUlKIHSW%2FvhFQJ2PglxmDfWv0O47nxwj3MFVvBKhOKVR3tE3eUka5eJfTVALWGkM3FjGzOEniojIKuNtJJd%2F72lLbUEQQFXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ef7b3325b091c09-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
IUzWqYOQh26GvgoEzLboqeBiqgQm4ZWjWiw+Q+FNg6ddLwUgCVuHcsvCBLHXZoiY$zn7vlASXvLkPOSLC78aOcA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pncci/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 80B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/pncci/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7ef7b3336dc6bb35-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 17:53:17 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
b75d737d0b20b15
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/964608831:1690823453:63YWnKZbFcVXV0o9O4W53YfhOURnuk1K2YQ0hQbF28I/7ef7b330fcedbb62/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/964608831:1690823453:63YWnKZbFcVXV0o9O4W53YfhOURnuk1K2YQ0hQbF28I/7ef7b330fcedbb62/b75d737d0b20b15
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b330fcedbb62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f77b4708595565b251e497f138a3f906d1b0a8fd8039c65eee3c97fcdc28a4f

Request headers

Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
b75d737d0b20b15
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
ybMX3x3yg5hFTbIg+FMz7qqNUC2d3mc5T+1SmngZXH4r6OhT1UVM7mBKTWiH9zYUFn0UuMg5zOdFvI4g0VMhlmKnE3WOMqoDtibimL27BDA=$adm9IYdL18pcYQfK6KLT8Q==
cf-chl-out-s
4RO14gccTlFMrC+ZgWw44E/q4I+Nj4e/ssgRMv9TTIFNcQLB67aLihPsq/PYyuZtb00OtR0yCaBk8wNmgesLzbcs0Ulq1soI7hjM7o9IWRvhKMlX5NnBfSC1QcgQQGauCi3aJgKM4Sz0TvjYDZGRyA==$2ad6yfFLHm0JetCAoiEmvQ==
date
Mon, 31 Jul 2023 17:53:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDWX9Mey0p5MQym%2FTvBwsTHIRSkAgWfB1EoUyBOEepMGoHc136XP2IabqiaRGUlxtJk2MX9E6idHR1rGzGYteAldhA%2F%2F5zWWTF1EJAUg2NhS31%2BpaEluaz9TJaFfZ4DWgl7WRgS%2FQZdcZC9zYQoyFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7ef7b335bff81c09-FRA
alt-svc
h3=":443"; ma=86400
Primary Request Mandrew.janning@dys.ohio.gov
plamsasecrety.com/ 		6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b330fcedbb62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8300f20c321de1806cba811bab564b5bb3236cd6c566d9f593130268aa3ce875
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ef7b34468271c09-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 31 Jul 2023 17:53:20 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBzWzNmQa4tlSMJ9MkE%2BbK875qzlQsWe%2FsuwI3HCjij2zT%2Fs%2FVwIxrnVXgI53QfWPU327Mw7WBbJCWk%2Fp7DTsk0u6m8hx00OKwHIFN4QYY6%2BGBCPBfEQvuCmDEqPO%2BLwtuCXi%2BFlWQKQSwSSPDGAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
plamsasecrety.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/styles/challenges.css
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jul 2023 12:04:41 GMT
server
cloudflare
etag
W/"64c3aed9-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7ef7b34498641c09-FRA
expires
Mon, 31 Jul 2023 19:53:20 GMT
v1
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		183 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b34468271c09
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f98ffc08edafccf980fe521586bcb99c48897b1d1ce7b27eca43a0d9b416af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov?__cf_chl_rt_tk=PEztAcqOAmaDYonV1ks_Hs9pR4zWUSBwY81e7uh0Wjk-1690826000-0-gaNycGzNChA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuaYLb222lQ6IKcqrIxYH7%2Bc%2BS%2BFj0AsEHHYRIyhY3PJvmDz0Vser%2BNrFUKriwyYkAbFGggANVAWJtnXUhIS%2Fk%2BZq0FTvwx8f7jfsSQ0bAomkeznGGoF%2BpRpya8NKKLUKPfpLCWeqOfjbYg7EuSA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7ef7b344a8931c09-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/11b725eb/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b34468271c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

Referer
Origin
https://plamsasecrety.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ef7b344fe253614-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
plamsasecrety.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plamsasecrety.com/favicon.ico
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a902b915251e5bd322c0423666209a18e99904c83da158bf60158f66329d47
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcZ2GpwCeo4skrvoRIeKawAhluj%2F2UvESDs%2BTwOGtc8o1z68oO%2FivSjGoasP%2BDEo5tN2Uxah40CsyiMdVPMCVu%2FUCMNLMeaj6uYBvwkj0eZ%2BpJKh8tvBu2SFt5%2FhutVR2Mh9Pxd3mZLC0er%2BiwK2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7ef7b344f92a1c09-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
40cc91a7-aa74-4ce4-ac81-25bec0014a23
https://plamsasecrety.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://plamsasecrety.com/40cc91a7-aa74-4ce4-ac81-25bec0014a23
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
62ea47838c84047
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1704499009:1690823410:IOwferZikyNZZh1P533ntx7IYL4IMXANFBWVbJnn_E4/7ef7b34468271c09/ 		9 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1704499009:1690823410:IOwferZikyNZZh1P533ntx7IYL4IMXANFBWVbJnn_E4/7ef7b34468271c09/62ea47838c84047
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b34468271c09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b8f740bd9698fccbebb0a78e156d9279c33303b8d21710e7be29c36fd49ce0

Request headers

Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
62ea47838c84047
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oZmssSSLPBH9qB7SQy0y5FL3sMXgWEi5lttF0sJ64DiE5FZSKvcZ3YOr2Hu%2BZP%2ByTtkraI0CzGCSAKP6ZM9YxmPnXzQN6S4iRs3EQPb4Z%2Bgg4KHEw6qOryfbMlvAg2RkKR1MIesftZoi5jofnrvjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ef7b345aa651c09-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
QTb/Y9GQ8mAd7Mwwygxzx+YdMEBwOOlphEylFe+ktYEHJNvCDnNEb4ZTLBLipDOz$mwA6yqA/NR4OGofuGjTwXA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8sj1j/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 3C56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8sj1j/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7ef7b3463f86bb35-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 17:53:20 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
62ea47838c84047
plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1704499009:1690823410:IOwferZikyNZZh1P533ntx7IYL4IMXANFBWVbJnn_E4/7ef7b34468271c09/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1704499009:1690823410:IOwferZikyNZZh1P533ntx7IYL4IMXANFBWVbJnn_E4/7ef7b34468271c09/62ea47838c84047
Requested by
Host: plamsasecrety.com
URL: https://plamsasecrety.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ef7b34468271c09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e28dfe2ceddcb16e65e3023345e1abfb69e0c262eb8283a2a8e69a1abd0938

Request headers

Referer
https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
62ea47838c84047
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
TEP4ud2ycnj2DOPoEoky73HrqQrpAwTsXybnqHJUZO02c/R06y0qnURCwJlrEqyNyNJh52uWAgru2lvsQFukk+2oWN9H1uEuQwhxuUUJPk0=$hczifH7XqTQ0UoN7EsDcPA==
cf-chl-out-s
CEoyZo3/dvjdxjF1mq6Hp05H2IurEwE7qKlfw3FDnNv3rQ7yNFHRnXWkxBVPblSH2tbHtF6rNSvI3BFSuJykcOHRS3NxvTM5CgCcLaP0CTu5gECxyu1BFtsRIFZrlDmOGsRhlRCPXI2s92fu+wHEsMeOY9cHj6Edjs/pXQ1F79jnr6ePmqZwJbUJNT9VsF/0mvHvcqCgvKeI+h5Ee5+5JAGnSIG99IvGJQdUfsMoPcZQrnbrx0kTORYiHu+llTn8$zD/yLeNLlyHPNi84sf24dQ==
date
Mon, 31 Jul 2023 17:53:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMGAIOiJ68zmqoXhlK6JVLPY0fqem5ZlBaG3DBXq1BUda1BaC1ApBmZNVKv1USC%2FL0vBVyBilhrnk5WoHs%2FfhQljgTWqlVFSLjHCmHF4k7eWgn5LuP%2FX%2Bk5O%2BsjhK7O3wn%2F44EZg6aHRQ%2F8LgPJWkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7ef7b347bde81c09-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| vWaSXN8 boolean| ORKO8 function| QAbd3 function| PmQfOI5 function| mu9 function| now4 object| xEGr6 function| SHA256 function| ECCJiTEBVh object| RBqffi4 object| turnstile boolean| qp1 string| aoPcQ0

3 Cookies

Domain/Path Name / Value
.caliberamp.dmplocal.com/ Name: SESSION_NAME
Value: CALIBERAMP_SESSION_SECURE
.caliberamp.dmplocal.com/ Name: CALIBERAMP_SESSION_SECURE
Value: de59u2e73ktdm7juhgahaj5t61
plamsasecrety.com/ Name: cf_chl_rc_m
Value: 1

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://plamsasecrety.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://plamsasecrety.com/Mandrew.janning@dys.ohio.gov
Message:
The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://plamsasecrety.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
network error URL: https://plamsasecrety.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block