ohiodems.org Open in urlscan Pro
2606:4700:3036::ac43:8e8f Public Scan

URL:
https://ohiodems.org/
Submission: On June 18 via api (June 18th 2021, 12:10:23 am UTC) from US

Summary HTTP 80 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3036::ac43:8e8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ohiodems.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2020. Valid for: a year.

This is the only time ohiodems.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3036::ac43:8e8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:20e... 2600:9000:20eb:3a00:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	13.225.74.22 13.225.74.22	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:21f... 2600:9000:21f3:f800:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
10	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
80	25

16 2606:4700:3036::ac43:8e8f (United States)

ASN13335 (CLOUDFLARENET, US)

ohiodems.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:3a00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-22.fra2.r.cloudfront.net

iwillvote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f800:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ohiodems.org ohiodems.org	684 KB
10	google-analytics.com www.google-analytics.com	20 KB
8	twitter.com platform.twitter.com syndication.twitter.com	213 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
6	googleapis.com fonts.googleapis.com maps.googleapis.com	165 KB
4	facebook.com www.facebook.com	504 B
4	ngpvan.com profile.ngpvan.com secure.ngpvan.com fastaction.ngpvan.com	4 KB
4	facebook.net connect.facebook.net	178 KB
4	googletagmanager.com www.googletagmanager.com	146 KB
4	cloudfront.net d3rse9xjbp8270.cloudfront.net	364 KB
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	5 KB
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	google.com www.google.com	750 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
1	google.de www.google.de	154 B
1	googleadservices.com www.googleadservices.com	14 KB
1	verygoodvault.com js2.verygoodvault.com	24 KB
1	jquery.com code.jquery.com	30 KB
1	iwillvote.com iwillvote.com	1 KB
1	optimizely.com cdn.optimizely.com	67 KB
80	20

	Domain	Requested by
16	ohiodems.org	ohiodems.org
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ohiodems.org
6	platform.twitter.com	ohiodems.org platform.twitter.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.facebook.com	ohiodems.org connect.facebook.net
4	connect.facebook.net	ohiodems.org connect.facebook.net
4	www.googletagmanager.com	ohiodems.org d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
4	maps.googleapis.com	ohiodems.org maps.googleapis.com
4	d3rse9xjbp8270.cloudfront.net	ohiodems.org d3rse9xjbp8270.cloudfront.net
2	syndication.twitter.com	platform.twitter.com
2	secure.ngpvan.com	d3rse9xjbp8270.cloudfront.net ohiodems.org
2	www.google.com	ohiodems.org
2	maxcdn.bootstrapcdn.com	ohiodems.org maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	ohiodems.org
1	pbs.twimg.com	ohiodems.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	ohiodems.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js2.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	www.gstatic.com	www.google.com
1	code.jquery.com	ohiodems.org
1	iwillvote.com	ohiodems.org
1	cdn.optimizely.com	ohiodems.org
80	27

This site contains links to these domains. Also see Links.

Domain
act.ohiodems.org
store.ohiodems.org
secure.actblue.com
fastaction.ngpvan.com
go.ohiodems.org
iwillvote.com
www.facebook.com
votefromabroad.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
iwillvote.com Amazon	`2020-07-27` - `2021-08-27`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-14` - `2022-01-14`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ohiodems.org/
Frame ID: 41585C26C6056D36E48A0BBF2EB8C1E6
Requests: 77 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fohiodems.org
Frame ID: 7F3ED30F0FCA88FF83B796086F1F60C4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Frame ID: BC02EF945E1CD532E5A07BC3C7B8700C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

80
Requests

100 %
HTTPS

83 %
IPv6

20
Domains

27
Subdomains

25
IPs

4
Countries

2223 kB
Transfer

6707 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ohiodems.org/a/odp-truth-team
Title: Join the Truth Team

Search URL Search Domain Scan URL

URL: https://act.ohiodems.org/a/odp-volunteer
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://store.ohiodems.org/
Title: Store

Search URL Search Domain Scan URL

URL: https://secure.actblue.com/donate/2021-support/?refcode=websign2021
Title: Donate

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://go.ohiodems.org/page/s/you-for-ohio/
Title: Take Action

Search URL Search Domain Scan URL

URL: https://iwillvote.com/register/?state=OH
Title: Take Action

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OHDems
Title: Ohio Democratic Party

Search URL Search Domain Scan URL

URL: http://votefromabroad.org/
Title: Vote from Abroad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohiodems.org/ 25 KB
8 KB 634ms
607ms Document
text/html 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c26ab7eb5a47d4ed29f59809c6323a24c02a6c8db60fd33e1884ad3f03ba9e7

Request headers

:method: GET
:authority: ohiodems.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
link: <https://ohiodems.org/>; rel=shortlink
x-fw-server: Flywheel/4.1.0
x-fw-hash: exinsehpq5
x-cacheable: NO:Not Cacheable
x-fw-serve: TRUE
x-cache: MISS
x-fw-static: NO
x-fw-type: VISIT
cf-cache-status: DYNAMIC
cf-request-id: 0abe0d04f500004a5bc03eb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1VII5Nxk7yawm7UoENrH5r9TDaVUaU%2BJVtDFoH4tXcYT5vvUqhI38JXGiEDSBVN%2BvXImQCGtcwALiacoEHb9m7OrhtiTCYxeyWs3eUUZm2PR3yR10NPJsz%2BQCENQZXM49YYW8USz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66104ab4be7a4a5b-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 822 KB
232 KB 24ms
8ms Script
application/javascript 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 655f0b6f1070a57b78c64ce4d896a5048f9aa4f005806b7b7a5c514db6eccc29

Request headers

Origin: https://ohiodems.org
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:04:25 GMT
content-encoding: gzip
age: 32779
x-cache: Hit from cloudfront
content-length: 237346
access-control-allow-origin: *
last-modified: Tue, 15 Jun 2021 15:03:15 GMT
server: AmazonS3
etag: "f46ed38453abd00546d6388cc88dfb81"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: a4JuWJCS-HFNSd3Cx1ir0AflzqEQmWtQfZU1eP86SnRCmB_Wcas-Eg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 25ms
8ms Stylesheet
text/css 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2cf15ae55ae1414f1f214a9cc9c6b8addae982ca7f39eef90a71b11d67dbc9

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:00:58 GMT
content-encoding: gzip
age: 597
x-cache: Hit from cloudfront
content-length: 20615
access-control-allow-origin: *
last-modified: Tue, 15 Jun 2021 15:03:15 GMT
server: AmazonS3
etag: "3332cffe4441bc3dd3f86ae21180740b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: izqFwU65bmXbVLa3QaE-QvwiN5REU6ZEIHTs1klVosk-KjJ4Jg5Epw==

GET
H2 200 338944120.js Show response
cdn.optimizely.com/js/ 199 KB
67 KB 140ms
120ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/338944120.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9AYEqhUUMq5Oh9dXr9djn4dBDWYeHi_e
content-encoding: gzip
etag: "90c7ffd1e74889817b8577bb593867c0"
x-amz-request-id: VTZFV39YV6ANB1JP
x-amz-meta-revision: 101
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 67854
x-amz-id-2: c7Fwl0j01nnrphM3A/dfCb42rDAKFEFtB4hEecUUy66A+vmNyKYdFuMu1dHcyBsr5wC5D17hmqg=
last-modified: Thu, 01 Mar 2018 22:07:04 GMT
server: AmazonS3
date: Fri, 18 Jun 2021 00:09:57 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3-29 200 style.min.css
ohiodems.org/wp-includes/css/dist/block-library/ 57 KB
9 KB 33ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 2332965
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076900002be9a7b06000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 20 May 2021 00:27:00 GMT
server: cloudflare
etag: W/"60a5acd4-e33b"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QbAZQcrXD9IUIB9aU%2BzY0dGCEe7jD1KC%2Fj0MC6H9TuYMNMVF3ZkqSxA0gMIZVPW8Ndl38il2QZZno5NSfBmWL40CWQdE63ZQ%2B%2BDbpN7HR4C2HgQgNBW%2FyM%2B%2B%2F1eBv0qlcaG%2FX9AT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac792be9-FRA

GET
H3-29 200 pum-site-styles.css
ohiodems.org/wp-content/uploads/pum/ 17 KB
4 KB 35ms
21ms Stylesheet
text/css 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1616678595&ver=1.16.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84982412d3d3c8a785d716b60a4ae617ea378bbd13e31f04f8aeaae7686a0d75

Request headers

:path: /wp-content/uploads/pum/pum-site-styles.css?generated=1616678595&ver=1.16.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1987379
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076900002be9e423e000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 25 Mar 2021 13:23:15 GMT
server: cloudflare
etag: W/"605c8ec3-44a2"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QGnl%2BDoz7zGGrkNn%2FKoyOwLIQu1qhtDGS4eaAbiGM4C8LvWiQTyuqnxxI%2BQ6YRrVHSDB%2Bl%2BNY2Y7R1QjHdP0jVPMEX64ZgXqh9VO5QhKl4o2Kv5gWAPeBazW1FjbVxZfg9Y22c41"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac772be9-FRA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
898 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c87fa8e67757e6c16a8e84ec2343fd730fd3277905b5cf32e374947089d50a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 00:09:57 GMT
server: ESF
date: Fri, 18 Jun 2021 00:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 00:09:57 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 36ms
16ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 7527218
cdn-cachedat: 2021-03-11 11:58:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076f00004e6de4b33000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a754e168c4f0fb62e4072354b1d05890
cf-ray: 66104ab8b8a64e6d-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 main-48ef26500a.css
ohiodems.org/wp-content/themes/ohiodems/dist/styles/ 196 KB
28 KB 130ms
118ms Stylesheet
text/css 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1

Request headers

:path: /wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding Accept-Encoding
cf-cache-status: HIT
x-cacheable: NO:Not Cacheable
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076900002be93d2d2000000001
x-fw-type: VISIT
pragma: public
last-modified: Mon, 14 Jun 2021 20:29:47 GMT
server: cloudflare
etag: W/"60c7bc3b-31152"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3RuV2owJjFz4Wud8MgrCSjACUPWqin2MWeo3S1CvRlp%2BimtZKUKbFpBisUJ8ximWfyer6cOyqAUQrR2IJ0mkTMNXLGJMtQY9CFlmgDmAJVst%2Frt769RCvX7ECjvZpuvMdtj7vDoY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac7c2be9-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
686 B 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b7ea780f5ff5cd8a0ad4a2700143f3661284dc98d571cb38b188c2c060fe55a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 00:09:57 GMT

GET
H2 200 widget-v2.css
iwillvote.com/locate/ 3 KB
1 KB 64ms
16ms Stylesheet
text/css 13.225.74.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iwillvote.com/locate/widget-v2.css
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-22.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 23:24:36 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:35:12 GMT
server: AmazonS3
age: 2722
etag: W/"521f174c960c58b357e753b9e2d5d9b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LJ9oHNeS7RlGkKdN4ZbhIFdEY-weUX4CYuV8yQSN4ZTvHOMB_kUa6Q==

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 11ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1623974997.dop223.fr8.t,1623974997.cds253.fr8.hn,1623974997.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3-29 200 core.min.js Show response
ohiodems.org/wp-includes/js/jquery/ui/ 20 KB
7 KB 27ms
15ms Script
application/javascript 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1987379
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076800002be9cfa30000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 21 May 2021 05:28:01 GMT
server: cloudflare
etag: W/"60a744e1-5133"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PION5zxrtfhoaXfdbS04snM0vP08FlytXXS1vg317GbXkAF5cYxP5zbHW%2BCw%2F%2FsV3nxscDHBSpgRpCPDSJyHUcDywyySxY8Xn5eV5cQuiJqa1wBVwF5kXErA9r55R%2FiCDiG%2BiBaP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac732be9-FRA

GET
H3-29 200 pum-site-scripts.js Show response
ohiodems.org/wp-content/uploads/pum/ 68 KB
17 KB 34ms
21ms Script
application/javascript 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616678595&ver=1.16.1
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f5e4f395f67b32f7ac022b0a2bda1f2c78242b1717f39c6349149f31206475

Request headers

:path: /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616678595&ver=1.16.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1987379
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076900002be9139c5000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 25 Mar 2021 13:23:15 GMT
server: cloudflare
etag: W/"605c8ec3-10f7c"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AZAFlTBlhYhrMSHh0X3CDkaxBgkD%2Bv2xvCRkczj1bGZBgjvMoUctKXCsuUwgIyjvX2gb4XPd56tGC2kTEVzbIeCBq0gIlRDtyxGXYZCeus%2FRz1duMyrotHdr24RQHzCjZM3FTGH%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac7d2be9-FRA

GET
H3-29 200 modernizr-8895641e34.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 11 KB
5 KB 26ms
15ms Script
application/javascript 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/modernizr-8895641e34.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca

Request headers

:path: /wp-content/themes/ohiodems/dist/scripts/modernizr-8895641e34.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 87081
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076a00002be9ffa15000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 21 Aug 2020 14:58:11 GMT
server: cloudflare
etag: W/"5f3fe103-2af0"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aBkdJXgk8jKYpwiJhlTvvJ6SCadgzko0etw3jtH5TTLkLWttH7afz8nW29vrcaYg6sM5z79paB0hPLak0uKL%2B7xoZSUfVpP8Q9KAwvPhjoh%2Fb%2BUAYzZZXjfVBEfR672Ow0tk5IX3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac7e2be9-FRA

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 132 KB
43 KB 58ms
35ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3aab06044770047b52112fa6809e910825f5b2b254e56a1eb1d3a55ec8413a4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44009
x-xss-protection: 0
expires: Fri, 18 Jun 2021 00:39:57 GMT

GET
H3-29 200 main-a16b202eb3.js Show response
ohiodems.org/wp-content/themes/ohiodems/dist/scripts/ 197 KB
49 KB 37ms
25ms Script
application/javascript 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/scripts/main-a16b202eb3.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97

Request headers

:path: /wp-content/themes/ohiodems/dist/scripts/main-a16b202eb3.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1987379
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abe0d076900002be9e6937000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 21 Aug 2020 14:58:11 GMT
server: cloudflare
etag: W/"5f3fe103-3125f"
x-fw-hash: exinsehpq5
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j6sabXzmhMJYjuyNroXy9XCUG1TZjGHKccoxMwQ6Rg8IWfqcYZUskYrjVBR60UyhFGOWxuYWTEWxzImvJkY6aaqw7PtrPBz20rTDMhM8aq4z3HGkBWHYTcu0tPmTywjN%2FyF0ec%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=2592000
cf-ray: 66104ab8ac7a2be9-FRA

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 00:09:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6713)
Age: 624
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
511 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-styles.css?generated=1616678595&ver=1.16.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2597337524a833cfb605b63e2a3a9aaf7857b11587b8dba5fb7932a504a19e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 23:40:32 GMT
server: ESF
date: Fri, 18 Jun 2021 00:09:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ 343 KB
134 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 16:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136998
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 16:37:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eca324dc964e8ecc829817b27d52685badb40feb02977db63ec4bca1177d4c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30828
x-xss-protection: 0
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24517
x-xss-protection: 0
pragma: public
x-fb-debug: yGsn1PMiRBVvVyEYpugOgqj96wt4KaVfj6duCndXPyi2OPdX8r0/0FZCS+1D5cCy/KKNqNM8c+wTdqTHxU0hiA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Jun 2021 00:09:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
33 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3960143f4c404eef8c21011e88e07c4b4a0b689e69d4761b555394907cdcc5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33528
x-xss-protection: 0
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H3-29 200 logo.png
ohiodems.org/wp-content/themes/ohiodems/dist/images/ 4 KB
5 KB 16ms
15ms Image
image/png 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/images/logo.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0

Request headers

:path: /wp-content/themes/ohiodems/dist/images/logo.png
pragma: no-cache
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ohiodems.org
referer: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/wp-content/themes/ohiodems/dist/styles/main-48ef26500a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 87080
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4354
cf-request-id: 0abe0d084b00002be93d2dc000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 21 Aug 2020 14:58:11 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5f3fe103-1102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UCaiU66jykpAXPzLOiOxjYS1qlId7O83LJ6cgeWoEOQWLeVrhqL%2B7VVTamLk4FBdUHZ%2FYMsWVeFaIOxI50yGLwhKIiB7IubsSifmaV9zfP7tClBUC8E7rIbtRy69o%2FygYFImW%2Bqx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 66104aba1e4a2be9-FRA

GET
H3-29 200 video-still.jpg
ohiodems.org/wp-content/uploads/2018/10/ 389 KB
390 KB 117ms
116ms Image
image/jpeg 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2018/10/video-still.jpg
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c

Request headers

:path: /wp-content/uploads/2018/10/video-still.jpg
pragma: no-cache
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 398647
cf-request-id: 0abe0d084c00002be920155000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Tue, 16 Oct 2018 18:43:46 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5bc63162-61537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ActvCONIAKf4WmTDPKOkruCAUdPLHNTLCSFUnZ3cd%2FYpY5T1nnYR%2BHSwBC%2BZ6Avtzj3AjwJd9QOqAoVkj1mWbx%2BPZAWBCsUeVXM7XO2h901ex7jXAX383ImbIgwtTb0KOg1FiBfC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 66104aba1e4d2be9-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:05:05 GMT
x-content-type-options: nosniff
age: 475493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:05:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options: nosniff
age: 501563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:35 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:46:04 GMT
x-content-type-options: nosniff
age: 501834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:46:04 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 24 KB
24 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:24:17 GMT
x-content-type-options: nosniff
age: 485141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24428
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:24:17 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 33ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ohiodems.org
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 3801776
cdn-cachedat: 2021-05-05 00:32:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70728
cf-request-id: 0abe0d085e00002c199d95f000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 90b8f28565a167ee0e76417ef520a40a
accept-ranges: bytes
cf-ray: 66104aba2b7a2c19-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 meta-runforoffice-295x115.png
ohiodems.org/wp-content/uploads/2015/09/ 48 KB
48 KB 176ms
175ms Image
image/png 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2015/09/meta-runforoffice-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51

Request headers

:path: /wp-content/uploads/2015/09/meta-runforoffice-295x115.png
pragma: no-cache
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 48923
cf-request-id: 0abe0d089f00002be922a9f000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 05 Sep 2019 16:02:16 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5d713188-bf1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WJUrfnZXofB8tJzlxBELsZsaq6%2Bjz5ZkhYMOqXKRSNo38SmoIud1G8kqr7TZIMV1XjVjS5bceyFjd0UqzMuEn9yNyx1INdAx0tGmF43OT2q57rZBHC4XndwOpsneJb5IbsHOWblQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 66104aba9ed42be9-FRA

GET
H3-29 200 UPDATEDmask-295x115.png
ohiodems.org/wp-content/uploads/2018/10/ 23 KB
24 KB 15ms
15ms Image
image/png 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2018/10/UPDATEDmask-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130

Request headers

:path: /wp-content/uploads/2018/10/UPDATEDmask-295x115.png
pragma: no-cache
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 2160111
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23848
cf-request-id: 0abe0d089f00002be92ab61000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 03 Jun 2020 14:49:05 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5ed7b861-5d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k4eHfw19rL2B8p9fRHjc4Y%2F5GloVOx%2FIPAFEgdnVCrCeJA4uoxxrBdFw8dzKNNpw5LM1GR54oJFtIASxXlNYJxrCdrXACEiFvx5r0jfQ0GS8UyTum24MK%2B28xlzGqThJE7NjmBWn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 66104aba9ed62be9-FRA

GET
H3-29 200 DSC_0011-1-295x115.png
ohiodems.org/wp-content/uploads/2019/09/ 67 KB
68 KB 18ms
17ms Image
image/png 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohiodems.org/wp-content/uploads/2019/09/DSC_0011-1-295x115.png
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208

Request headers

:path: /wp-content/uploads/2019/09/DSC_0011-1-295x115.png
pragma: no-cache
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 864116
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68703
cf-request-id: 0abe0d089f00002be94012b000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 09 Jul 2020 23:56:37 GMT
server: cloudflare
x-fw-hash: exinsehpq5
etag: "5f07aeb5-10c5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rIOXVJzCYm%2Fn9i69vJs1Fpha4EenHZUmtNe7EfAX2ZkXPZyKf63uddB8pGQxUOrl1Qcygiyf%2B7yZHLyX9oayunCQOet85q9TXNUqbf16unb3X%2F7Wd8MHjtHCI%2FqNGd8d%2Bm1BHecS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 66104aba9ed72be9-FRA

GET
H3-29 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 320 KB
0 115ms
115ms Media
video/mp4 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
:path: /wp-content/uploads/2018/06/hero-background.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 0-1334062/1334063
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 1334063
cf-request-id: 0abe0d08a700002be9ae982000000001
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sW4t2sK1854tzek8wSP7sIgiY%2FZT2x1f1j7IB0GJ6mUwdcz0tJwhfB%2FKttu1SfkBCjRnzNUBwP77k%2FG4W1UUPWQuGdrWG51TTw5uDq9klBvMLlXiN%2BFqIzXmflVhMBuGrmuu1tos"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000, public
cf-ray: 66104abaaee32be9-FRA

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 7F3E 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fohiodems.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ohiodems.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ohiodems.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 14129
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Jun 2021 00:09:58 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
751 B 378ms
361ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
x-iinfo: 14-34390101-34390103 NNNN CT(-1 -1 2) RT(1623974997708 0) q(0 0 2 1) r(3 3) U11
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
37 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b37eac990fa968ddfa31dcaee4392e8695e54d4f70e211bbdb2609037f1e4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37512
x-xss-protection: 0
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
16 KB 7ms
7ms Stylesheet
text/css 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a91c785f5d31049c4a03af14da1d79eb843fd47433a01f0b232c7ccaf8874c2

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:04:26 GMT
content-encoding: gzip
age: 82280
x-cache: Hit from cloudfront
content-length: 15866
access-control-allow-origin: *
last-modified: Tue, 15 Jun 2021 15:03:15 GMT
server: AmazonS3
etag: "0321e3c7b8acb7f4880ebcc09369c77a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: jgaXfPP_g9kmk67N6FgOyrY_s6yG0bgCOkRKeH_9ZNbOnx_x2BLMig==

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.41

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: 01vY4yL9oq5SCO4Ff04RkomJKICwPw07U6zgmBMYQ1FMymeof01xqcW9a8kjG0Ht2M9Gl1qYTcY/KdZk303Kig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 00:09:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 830442327491061 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 77ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/830442327491061?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0de3e7f7407ebe406bc60da1bc8e984f3d1337ec866cd4533900734bf59e50da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Uko+O3mTReNZ/W0mW41PnPOQGVyPpd9UkkBmWlPvfoB0JRcbetkYFta+RC7ubhdZvPUA8WgAsECfnA187DFtLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 00:09:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 82ms
62ms Script
application/javascript 2600:9000:21f3:f800:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f800:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
Date: Fri, 18 Jun 2021 00:09:59 GMT
Connection: keep-alive
X-Amz-Cf-Id: -fUFCde86-hpQ3aaBUykSRmFnpqAK2y9fEwTVVz7fZoMrEd7nV7QDA==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2 Show response
secure.ngpvan.com/v1/Forms/ 2 KB
2 KB 381ms
380ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/vGsz3qFuOkqSPswtciZgag2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-34390118-34390119 NNNN CT(86 175 0) RT(1623974997755 0) q(0 0 3 0) r(4 4) U18
content-length: 1299
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-frame-options: SAMEORIGIN
date: Fri, 18 Jun 2021 00:09:58 GMT
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ohiodems.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR2MNXD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cebf97eaae66d61c4c903ad0f1bc6fe4826568214537bd8176dec1d044a3562b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47129
x-xss-protection: 0
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 42ms
17ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N8X83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c694a371dc0d0d8accc0cc110c4e2e8f15a44682710b85c71c2f68833623737c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13996
x-xss-protection: 0
server: cafe
etag: 13080284601087747113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H3-29 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 23 KB
23 KB 114ms
113ms Media
video/mp4 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
:path: /wp-content/uploads/2018/06/hero-background.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
range: bytes=1310720-
:method: GET
Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1310720-

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 1310720-1334062/1334063
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 23343
cf-request-id: 0abe0d098800002be90e9dc000000001
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2mSIYo8Pgmdty7QuL1tJi1ruq8gyTNtxiiaPPFeWX3%2BpkImZFK4jtQtvAGTlWh2vvI0CfDKlGZsSKJ3bhMLH2KOtqY3DhelK%2FLlXpCtdscUzCyyjUIzTPbGtOUC23kUYGE81TFw7"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000, public
cf-ray: 66104abc08a82be9-FRA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7F3E 253 B
442 B 154ms
124ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f33f9af35b9b84312cc1106e74d9595f4c400eea

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fohiodems.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

dbb5ab07abf938d453b0e68373d21c0a457e9823998bf0c427ddc3c3b2d9cf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:57 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 00:09:58 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 958a8887ae6f36fc511993eb1bb8a8d4e821a28bd44b20b590bca8ac3161cca8
content-length: 177

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 13ms
12ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T0MC8QX2ZT&gtm=2oe6g0&_p=373356525&sr=1600x1200&ul=en-us&cid=1129892393.1623974998&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&dt=Ohio%20Democratic%20Party&sid=1623974998&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0MC8QX2ZT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 500223356832946 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 106ms
105ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/500223356832946?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7206afa8b6ae5e0703001f25194c77a3412d7e83fa78b17d466197a3e893bdc0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tVpkXEXOUXWLLtIf9cNXWkXdxXIgdHkvcTHY5hvrlD1x9KIeJLyEMSTxrmee07rD2bc4Ve2CAubBsCp9vY2G8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 00:09:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830442327491061&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1623974998480&sw=1600&sh=1200&v=2.9.41&r=stable&a=wordpress-5.7.2-3.0.5&ec=0&o=30&fbp=fb.1.1623974998479.108645103&it=1623974998332&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/ 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998315148/?random=1623974998488&cv=9&fst=1623974998488&num=1&label=6pLRCNqVxmUQjKmE3AM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6fb11a2ea4e6587c1225ac9001573ec5782874e464fa985d34ee08cdec141e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/998315148/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998315148/?random=1623974998488&cv=9&fst=1623974400000&num=1&label=6pLRCNqVxmUQjKmE3AM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=993762315&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998315148/ 42 B
154 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998315148/?random=1623974998488&cv=9&fst=1623974400000&num=1&label=6pLRCNqVxmUQjKmE3AM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fohiodems.org%2F&tiba=Ohio%20Democratic%20Party&async=1&fmt=3&is_vtc=1&random=993762315&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 206 hero-background.mp4
ohiodems.org/wp-content/uploads/2018/06/ 1 MB
0 110ms
109ms Media
video/mp4 2606:4700:3036::ac43:8e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ohiodems.org/wp-content/uploads/2018/06/hero-background.mp4
Requested by: Host: ohiodems.org
URL: https://ohiodems.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: optimizelyEndUserId=oeu1623974998026r0.13858128443180395; optimizelySegments=%7B%22338746200%22%3A%22direct%22%2C%22339344593%22%3A%22false%22%2C%22339910449%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D; _ga_T0MC8QX2ZT=GS1.1.1623974998.1.0.1623974998.0; _ga=GA1.1.1129892393.1623974998; _fbp=fb.1.1623974998479.108645103
:path: /wp-content/uploads/2018/06/hero-background.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ohiodems.org
referer: https://ohiodems.org/
:scheme: https
sec-fetch-site: same-origin
range: bytes=262144-
:method: GET
Referer: https://ohiodems.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=262144-

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-fw-server: Flywheel/4.1.0
Content-Range: bytes 262144-1334062/1334063
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 1071919
cf-request-id: 0abe0d0a1000002be92ab74000000001
pragma: public
last-modified: Wed, 12 Sep 2018 19:55:00 GMT
server: cloudflare
etag: "5b996f14-145b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: exinsehpq5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tb%2FxOP0A%2BF10MIYBI6VkN73nPgrIRwiAMdpkkbFxK%2FQaasDoS4V364ykApDNGZlwWly%2BXxfLY0tLQK5a6XJLCpc6Ga%2BRy0xu4cc2UvCQISASD83a%2Fhmsn6ivW0t%2BmN2WSSrDtGfp"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000, public
cf-ray: 66104abce9f92be9-FRA

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=500223356832946&ev=PageView&dl=https%3A%2F%2Fohiodems.org%2F&rl=&if=false&ts=1623974998604&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623974998479.108645103&it=1623974998332&coo=false&rqm=GET

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 18 Jun 2021 00:09:58 GMT

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 00:09:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 14131
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 00:09:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6713)
Age: 14130
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 7 KB
3 KB 163ms
141ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_OHDems_old&dnt=false&domain=ohiodems.org&lang=en&screen_name=OHDems&suppress_response_codes=true&t=1804416&tweet_limit=1&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d64fe42642e558727723e403e8232a18687f4cf34f7231a8212ff1091db56444

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 2140
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Fri, 18 Jun 2021 00:09:58 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 9c484cfb98412b884f9068fc3f3f553bd837b845169575b8cc7144c16079c5b5
timing-allow-origin: *
x-transaction: 5559b6f5d4723719
expires: Fri, 18 Jun 2021 00:14:58 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4281
date: Thu, 17 Jun 2021 22:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 00:58:37 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
782 B 328ms
307ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1623974998749=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

0b0afe2b3274a23645a71d586dd60c580a53d308d3f4d00e6c7416d1f31b15d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 vegur
x-content-type-options: nosniff
server: Cowboy
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 14-34390247-34390248 NNYN CT(95 96 0) RT(1623974998165 0) q(0 0 2 0) r(3 3) U18
cache-control: max-age=0
date: Fri, 18 Jun 2021 00:09:59 GMT
etag: W/"b6-IH3TW93mkmS8lFFZeffYHIZqj6o"
content-type: text/javascript; charset=utf-8
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 7ms
7ms Font
application/font-woff2 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin: https://ohiodems.org
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:42:59 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
age: 30420
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: z20Ri68eRGEY51zl0sI1PGH8Ob_d6Z5a_r0iAfZkDKUontZCqoegrA==

GET
H2 200 vGsz3qFuOkqSPswtciZgag2
secure.ngpvan.com/v1/Track/ 0
421 B 106ms
106ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/vGsz3qFuOkqSPswtciZgag2?formSessionId=b8ff36cf-c9e6-453c-99e9-1d4bfff1f07c

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cdn: Imperva
date: Fri, 18 Jun 2021 00:09:58 GMT
x-frame-options: SAMEORIGIN
x-iinfo: 14-34390249-34390119 PNNN RT(1623974998166 0) q(0 0 0 0) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H3-29 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,700italic|Roboto:700,700italic,300,300italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ohiodems.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:39 GMT
x-content-type-options: nosniff
age: 493579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17484
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:39 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=385&_u=YADAAEABAAAAAC~&jid=433362043&gjid=1851304754&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&_r=1&gtm=2wg6g05L2FSL&z=1887140717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-28243511-23&cid=1129892393.1623974998&jid=640919972&gjid=323860578&_gid=120620607.1623974999&_u=YCDAgEABAAAAAG~&z=334527309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 00:09:58 GMT
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=373356525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=3&_u=YCDAAEABAAAAAG~&jid=1484901414&gjid=335188263&cid=1129892393.1623974998&tid=UA-28243511-23&_gid=120620607.1623974999&_r=1&gtm=2wg6g05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=8770252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=pageview&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAC~&jid=640919972&gjid=323860578&cid=1129892393.1623974998&tid=UA-28243511-23&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP21%2F1%2F89247&cd5=Website%20Signup&cd6=vGsz3qFuOkqSPswtciZgag2&z=553487961

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=9&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&z=1023817317

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=12&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&z=895113084

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=1&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&z=2021220724

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=412&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&z=961217294

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=373356525&t=timing&_s=1&dl=https%3A%2F%2Fohiodems.org%2F&ul=en-us&de=UTF-8&dt=Ohio%20Democratic%20Party&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=469&_u=YCDAAEABAAAAAG~&jid=&gjid=&cid=1129892393.1623974998&tid=UA-28243511-22&_gid=120620607.1623974999&gtm=2wg6g05L2FSL&z=2101087114

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 08:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame BC02 53 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 00:09:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/673A)
Age: 14131
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 00:09:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/673A)
Age: 14131
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfmmCYCOFDWNZxJj0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 18 Jun 2021 00:09:59 GMT
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 TfwVAbyX_normal.jpg
pbs.twimg.com/profile_images/1380530524779859970/ Frame BC02 2 KB
2 KB 10ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1380530524779859970/TfwVAbyX_normal.jpg

Requested by

Host: ohiodems.org
URL: https://ohiodems.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

8b6226066298487bc1f2377a5a5b3c0ae0de8cd8482ae7b2a07b1d194bcbba00

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:59 GMT
x-content-type-options: nosniff
age: 552692
x-cache: HIT
content-length: 2111
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/6 profile_images/1380530524779859970
last-modified: Fri, 09 Apr 2021 14:36:20 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 618f4ac30c5bf797d304b4d007a4f31f8e6ed77b6589d7fb9ea366b72db114a2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame BC02 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC02 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC02 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC02 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC02 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC02 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 /
www.facebook.com/tr/ 0
104 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVDBSiu095bAWBDgf

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 18 Jun 2021 00:09:59 GMT
content-type: text/plain
access-control-allow-origin: https://ohiodems.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 124ms
123ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fohiodems.org%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ohdems%22%2C%22widget_data_source%22%3A%22profile%3AOHDems%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22item_ids%22%3A%5B%221405621303256698880%22%5D%2C%22item_details%22%3A%7B%221405621303256698880%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%221405623040084414464%22%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1623974999299%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 18 Jun 2021 00:09:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 958a8887ae6f36fc511993eb1bb8a8d4e821a28bd44b20b590bca8ac3161cca8
x-transaction: e2320352399dbf97
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/3/ 91 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/3/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4c825f06ebddae45c7e6216a286f09adfd99e22f5cbb1d753885667cd039c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 10:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33361
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 22:33:21 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 10:45:56 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/3/ 287 KB
88 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/3/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

382df0a13e25abb7b2a3fac2f920db42f187f89dce34e96be9084c7754018039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 09:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89641
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 22:33:21 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 09:30:04 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 65ms
52ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fohiodems.org%2F&4sAIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE&callback=_xdc_._t1x5v9&key=AIzaSyA32zagyI5xAvZP-6KY3Et6BeSSijECTzE&token=92327

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/3/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7e57e348bce519b79fbf39b023cbfd13662df16cdfe5b69a8e33dc36ec17dfc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ohiodems.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 00:10:03 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ohiodems.org/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616678595&ver=1.16.1(Line 7) Message: init popups ✔
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading: 385.093017578125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing: 9.407958984375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render: 11.73583984375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill: 1.251953125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form: 411.8642578125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 469.333984375 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
cdn.syndication.twimg.com
code.jquery.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iwillvote.com
js2.verygoodvault.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
ohiodems.org
pbs.twimg.com
platform.twitter.com
profile.ngpvan.com
secure.ngpvan.com
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.72
13.225.74.22
142.250.186.162
2001:4de0:ac18::1:a:2b
2600:9000:20eb:3a00:12:303c:8700:21
2600:9000:21f3:f800:14:79be:a380:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:3036::ac43:8e8f
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a02:26f0:7100:19a::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
45.60.33.183
08dd67a1f23a1f0929ab6aecb2ae6bba654fedc2e1fb4c52a685e67a23a122c2
0b0afe2b3274a23645a71d586dd60c580a53d308d3f4d00e6c7416d1f31b15d1
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0de3e7f7407ebe406bc60da1bc8e984f3d1337ec866cd4533900734bf59e50da
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b37eac990fa968ddfa31dcaee4392e8695e54d4f70e211bbdb2609037f1e4ef
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2597337524a833cfb605b63e2a3a9aaf7857b11587b8dba5fb7932a504a19e23
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
370f049a2458c34f7dc8d6eda8bc03c3a0f2ce147ceaab3e9dac9cae4a6109ca
382df0a13e25abb7b2a3fac2f920db42f187f89dce34e96be9084c7754018039
3960143f4c404eef8c21011e88e07c4b4a0b689e69d4761b555394907cdcc5f1
39e923cd9b7b0e8f56dcb069a582132aa850d546ddf5ad9477e5b029dfca96b1
3aab06044770047b52112fa6809e910825f5b2b254e56a1eb1d3a55ec8413a4b
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
53d10ba372155a0657ebd8cefe2c76f1a6bb8e27dcfd04bb1401f457cf926a6c
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
63f5e4f395f67b32f7ac022b0a2bda1f2c78242b1717f39c6349149f31206475
655f0b6f1070a57b78c64ce4d896a5048f9aa4f005806b7b7a5c514db6eccc29
6a91c785f5d31049c4a03af14da1d79eb843fd47433a01f0b232c7ccaf8874c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2cf15ae55ae1414f1f214a9cc9c6b8addae982ca7f39eef90a71b11d67dbc9
6c87fa8e67757e6c16a8e84ec2343fd730fd3277905b5cf32e374947089d50a3
7206afa8b6ae5e0703001f25194c77a3412d7e83fa78b17d466197a3e893bdc0
7bab7e59de498e1e76a05252c66d7fe1e32b1d73fecad8708970b4e693146c51
7c26ab7eb5a47d4ed29f59809c6323a24c02a6c8db60fd33e1884ad3f03ba9e7
7cd72a40e5b18c07a4946978ffad3205ef00f9411dac392f4989b35df4377f8d
7e57e348bce519b79fbf39b023cbfd13662df16cdfe5b69a8e33dc36ec17dfc8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84982412d3d3c8a785d716b60a4ae617ea378bbd13e31f04f8aeaae7686a0d75
8499f481f7d550511361c4b6978f2a14fb1dbc3c24554355da84600715d6e130
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8b6226066298487bc1f2377a5a5b3c0ae0de8cd8482ae7b2a07b1d194bcbba00
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9b7ea780f5ff5cd8a0ad4a2700143f3661284dc98d571cb38b188c2c060fe55a
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a4f722d770732e5a7a11518982ec3339298bf91fe1eaf4ebfc310e280cbc98b0
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a6fb11a2ea4e6587c1225ac9001573ec5782874e464fa985d34ee08cdec141e4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c694a371dc0d0d8accc0cc110c4e2e8f15a44682710b85c71c2f68833623737c
cebf97eaae66d61c4c903ad0f1bc6fe4826568214537bd8176dec1d044a3562b
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d64fe42642e558727723e403e8232a18687f4cf34f7231a8212ff1091db56444
dbb5ab07abf938d453b0e68373d21c0a457e9823998bf0c427ddc3c3b2d9cf9c
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
deed0cca828e10820588f046f3c492360a07f32007d9fdb4cef8249baded73d0
e3037e5f992beda4fda32b590e897a0806fe95aeb592114396e9b222668f1208
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca324dc964e8ecc829817b27d52685badb40feb02977db63ec4bca1177d4c4f
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5460203f0f5412e534fa35b0b55f8e10a98b83418496b034c4ad4ba293cffc
f2470c6c388ac442808a285250328ffd6f010a2d3dacde4a41dc45fafefc2c97
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd4c825f06ebddae45c7e6216a286f09adfd99e22f5cbb1d753885667cd039c6

ohiodems.org Open in urlscan Pro 2606:4700:3036::ac43:8e8f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

83 %IPv6

20 Domains

27 Subdomains

25 IPs

4 Countries

2223 kBTransfer

6707 kBSize

0 Cookies

14 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ohiodems.org Open in urlscan Pro
2606:4700:3036::ac43:8e8f Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

83 %
IPv6

20
Domains

27
Subdomains

25
IPs

4
Countries

2223 kB
Transfer

6707 kB
Size

0
Cookies

80 HTTP transactions
7 data transactions