urlscan.io logo urlscan.io
SecurityTrails logo

www.heritagevalley.org Open in urlscan Pro
142.93.197.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heritagevalley.org/
Effective URL: https://www.heritagevalley.org/
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 59 HTTP transactions. The main IP is 142.93.197.2, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.heritagevalley.org.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.
This is the only time www.heritagevalley.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    142.93.197.2 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 722501.cloudwaysapps.com
www.heritagevalley.org
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
5118841.fls.doubleclick.net
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    3.120.24.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-24-110.eu-central-1.compute.amazonaws.com
tags.w55c.net
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
cvt.mydas.mobi
Apex Domain
Subdomains		 Transfer
32 heritagevalley.org
www.heritagevalley.org
4 MB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
279 KB
4 doubleclick.net
5118841.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 852
626 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 2536
20 KB
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 3568
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
112 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
153 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
1 mydas.mobi
cvt.mydas.mobi — Cisco Umbrella Rank: 933909
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
854 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 873
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
59 14
Domain Requested by
32 www.heritagevalley.org 1 redirects www.heritagevalley.org
6 fonts.gstatic.com fonts.googleapis.com
3 tr.snapchat.com sc-static.net
3 5118841.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 tags.w55c.net 1 redirects 5118841.fls.doubleclick.net
2 www.facebook.com www.heritagevalley.org
2 connect.facebook.net www.heritagevalley.org
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.heritagevalley.org
2 www.googletagmanager.com www.heritagevalley.org
www.googletagmanager.com
1 cvt.mydas.mobi 5118841.fls.doubleclick.net
1 adservice.google.de 1 redirects
1 adservice.google.com 5118841.fls.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sc-static.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.google.com www.heritagevalley.org
1 fonts.googleapis.com www.heritagevalley.org
59 18
Subject Issuer Validity Valid
heritagevalley.org
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-22 -
2022-11-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2022-12-07		 2 months crt.sh

This page contains 6 frames:

Primary Page: https://www.heritagevalley.org/
Frame ID: 809B4601DAE2F625E5EF31C192520581
Requests: 52 HTTP requests in this frame

Frame: https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: 45CF87071577553FFB895406CEE23516
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4ce72ccc-880f-4386-866b-1210bbf0a8ef&u_scsid=8bef305d-7e62-4c79-adb7-24be5c263dfc&u_sclid=9e3e6849-27c9-4079-bb56-24e09182e8f1
Frame ID: B754B60CEFAB0FB36F377CEE801FAB3F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: BD232A4AFC89B5268DE806EDCCE4184A
Requests: 1 HTTP requests in this frame

Frame: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: 4EF77FBD974AF0EAFBE7185924F2B3F3
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ECD8E707328035389F2D3C6D7BF15630
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heritage Valley Health System - Uniquely Connected. For Life.

Page URL History Show full URLs

  1. http://www.heritagevalley.org/ HTTP 301
    https://www.heritagevalley.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

97 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

5036 kB
Transfer

6389 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heritagevalley.org/ HTTP 301
    https://www.heritagevalley.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://5118841.fls.doubleclick.net/activityi;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F HTTP 302
  • https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Request Chain 51
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F HTTP 302
  • https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Request Chain 53
  • https://tags.w55c.net/rs?id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing HTTP 302
  • https://tags.w55c.net/rs?sccid=0a0bd1ca-4cba-dcec-92a9-e0ad6fcdd6ae&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heritagevalley.org/
Redirect Chain
  • http://www.heritagevalley.org/
  • https://www.heritagevalley.org/
207 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
3a5123400b3a463cf148dcca954c9153481f1f52a79c27b073f0aeb1659b673b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
40530
content-type
text/html; charset=UTF-8
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Sun, 13 Nov 2022 06:03:28 GMT
link
<https://www.heritagevalley.org/wp-json/>; rel="https://api.w.org/", <https://www.heritagevalley.org/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://www.heritagevalley.org/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
MISS
x-tec-api-origin
https://www.heritagevalley.org
x-tec-api-root
https://www.heritagevalley.org/wp-json/tribe/events/v1/
x-tec-api-version
v1

Redirect headers

Age
6306
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
327
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 13 Nov 2022 06:03:27 GMT
Expires
Sun, 13 Nov 2022 04:18:21 GMT
Location
https://www.heritagevalley.org/
Server
nginx
X-Cache
HIT
style.min.css
www.heritagevalley.org/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 20:12:41 GMT
server
nginx
etag
W/"62e98539-15b64"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
style.css
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/css/style.css?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
2482c78f63244feb1c68183c888ee9f1705b0e48b798faa197575a6a89bddcc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-4b9a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caba3618d33a0b8223691d02f63e85e951bb4ffd0f5da0fcc44eaef0dd0858b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 06:03:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Nov 2022 06:03:29 GMT
style.min.css
www.heritagevalley.org/wp-content/themes/boxpress/assets/css/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
6934453a3fabfff63f01680aab4d754d44fbe50938fa5b1347b3bfb93e71a03d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
W/"624eef2e-15f11"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
jquery.min.js
www.heritagevalley.org/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 21:21:23 GMT
server
nginx
etag
W/"6109b353-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.heritagevalley.org/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 21:21:23 GMT
server
nginx
etag
W/"6109b353-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
print.min.css
www.heritagevalley.org/wp-content/themes/boxpress/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/print.min.css?ver=1649340206
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
db5acc1c8c888ee8c33d3146fe2b4ab448089432f074670ae78d93451ef9c0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
W/"624eef2e-a0b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
GettyImages-1183657318-Small-scaled.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/GettyImages-1183657318-Small-scaled.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
7a31386fdc14ca3f63c87c77d02fb6d5d426f9dd58830d06bb5b4440e8b49e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 08 Mar 2022 20:58:04 GMT
server
nginx
etag
"6227c35c-5b736"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
374582
Wine-Event.jpg
www.heritagevalley.org/wp-content/uploads/2022/10/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/10/Wine-Event.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
69e639905cf1e0229cc4cbc06c3e6d6e442443e6e4f2bab5107a7f1bf3f177bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 06 Oct 2022 16:44:00 GMT
server
nginx
etag
"633f05d0-abe3"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44003
Covid-scaled.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		529 KB
530 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/Covid-scaled.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
6d65d871712dfaef97e9c0213372666348bd8a35e2321851885e65d406e79151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 08 Mar 2022 20:19:49 GMT
server
nginx
etag
"6227ba65-84350"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
541520
GettyImages-163752654.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/GettyImages-163752654.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
8709e43e29b83d4aea33eef70bf66b91c1c565bd9049bddcde590ad8ada328d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Wed, 30 Mar 2022 17:58:23 GMT
server
nginx
etag
"62449a3f-13fa15"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1309205
IMG_4214-scaled-e1649944082458.jpg
www.heritagevalley.org/wp-content/uploads/2020/10/ 		515 KB
516 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2020/10/IMG_4214-scaled-e1649944082458.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e445d9d1b9272eab38d3e20b02cc80a2e5449e8c22b086016cb628bdbd92e660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 14 Apr 2022 13:48:02 GMT
server
nginx
etag
"62582612-80dd2"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
527826
Bedi-M-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/Bedi-M-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
4c85c972291d5d105fb727127076bc1c7ede6695012a963d3ac6dabec5a429aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 10 Mar 2022 17:58:53 GMT
server
nginx
etag
"622a3c5d-17b37"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
97079
Cheng-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Cheng-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e264344709ffad08486d65fc663ff2aa0faf7adc85731d98608cb51ea552c4b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:03:54 GMT
server
nginx
etag
"62e94aea-1ef4d"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
126797
Cherian-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/06/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/06/Cherian-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
a5a31d3d8d8104a65f41a3152363a59c72bb19c0320dff603b8ff9afdd8165a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Wed, 29 Jun 2022 13:51:38 GMT
server
nginx
etag
"62bc58ea-125f3"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
75251
Kolibash-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Kolibash-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
61f3418768601f93b4e586a3cceee96e48be8cd1b4988dd86c2357a700c47e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:04:55 GMT
server
nginx
etag
"62e94b27-18e58"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
101976
Ladani-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/09/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/09/Ladani-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
dd17ff319a8b89f9413876d6ba32cb8bc98e6f31e01998d8417b8b577e13b245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 01 Sep 2022 16:49:07 GMT
server
nginx
etag
"6310e283-d47a"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54394
McCaffery-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/McCaffery-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
4f6c3999b8d82e89d3bb3204ffd09d0119a8b7e68195ca6349ae37027cccd733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:06:20 GMT
server
nginx
etag
"62e94b7c-13b31"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
80689
Miske-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Miske-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
eaa3c0834688c0bbfcc63ef48969aa1033a3e1522ecd0f507e30aa6b63923c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:13:13 GMT
server
nginx
etag
"62e94d19-fa21"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
64033
Patel-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Patel-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e589a96cdc38a15a6db72b8d17132052502e63817ed609b84ebe95670e3d9bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 25 Aug 2022 16:38:20 GMT
server
nginx
etag
"6307a57c-caac"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
51884
Ridenour-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Ridenour-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e08f58dadb18f1990b1b60eb7d3a45516fabeac8f9b48f4a9c260ad4029a7bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:14:45 GMT
server
nginx
etag
"62e94d75-24e13"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
151059
Sanjari-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Sanjari-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
1e2e6f86116a4adee2d52ec06e53ffd717db45efa73adba608e8609f6e58f4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:15:41 GMT
server
nginx
etag
"62e94dad-1777e"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
96126
Tiberio-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Tiberio-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
3d65b1096a44ad858ce08c93446ae2fd09c8477091afdfcbb136ff2c20e6dea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:16:50 GMT
server
nginx
etag
"62e94df2-58642"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
362050
Venet-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Venet-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
0e450c5af5b2b902e16e72353ca566141471ae75f2045e2d29256d7a113f65d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 02 Aug 2022 16:17:35 GMT
server
nginx
etag
"62e94e1f-10146"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65862
home-block-careers-bkg.jpg
www.heritagevalley.org/wp-content/uploads/2020/05/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2020/05/home-block-careers-bkg.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
dc8674a75b098e04a8f1e0809649ac9ad518f857a03dcfbd43467474493c881c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Tue, 20 Oct 2020 15:32:53 GMT
server
nginx
etag
"5f8f0325-3cc33"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
248883
ctct-plugin-recaptcha-v2.min.js
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ctct-plugin-recaptcha-v2.min.js?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
8bf36225d6afa995aede0e9b4594d929b8ed7f021175614f112e5927aa30419a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-695"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		910 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderReCaptcha&render=explicit&ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3da36fd152f2499ea4680a3d5c768aa2f63bf34bd97d27cf88676619b7d7c90d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
1; mode=block
expires
Sun, 13 Nov 2022 06:03:29 GMT
ctct-plugin-frontend.min.js
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ctct-plugin-frontend.min.js?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
57094990a5724535c6697a73c46c0828cf57c9cd3d47b2377a3d9784f130f1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-1062"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
site.min.js
www.heritagevalley.org/wp-content/themes/boxpress/assets/js/build/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/js/build/site.min.js?ver=1649340207
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
31f78ed76f3dded737d238c902d43a9193c688439dcfcaa64c761a346171d7b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:27 GMT
server
nginx
etag
W/"624eef2f-261a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eede8248e4bbac378fe10c1d8ac4b6c0b443dc02bdc3d7398e0e5cb7b9781bad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80453
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Nov 2022 06:03:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
210074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 19:42:15 GMT
large-arrow-right.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/ 		259 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/large-arrow-right.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
31222968e48f9e47c8de3f042dd08097ceb92e08d095eb9ff0613abba330c6be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-103"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
259
footer-bkg@2x.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/backgrounds/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/backgrounds/footer-bkg@2x.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
aff4e867219ceae3e1802efa5658370b5d37e46c135c361eddc7d1c05de5ae0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-30cd"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12493
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
479917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 16:44:52 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:38:30 GMT
x-content-type-options
nosniff
age
386699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27976
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 18:38:30 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 23:11:11 GMT
x-content-type-options
nosniff
age
456738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:11:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
237829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 11:59:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderReCaptcha&render=explicit&ver=1.13.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heritagevalley.org/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 22:54:06 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Nov 2022 05:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2855
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 13 Nov 2022 07:15:54 GMT
activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
5118841.fls.doubleclick.net/ Frame 45CF
Redirect Chain
  • https://5118841.fls.doubleclick.net/activityi;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
  • https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.h...
486 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
d0d07104234bbdc391fc97f1937cacf92bc5bdc89709d1535e605d3b1b5b6918
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heritagevalley.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
scevent.min.js
sc-static.net/ 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
1076991f3e548c844051c4aaf033a77668e636282ca8b7aef054f01667866e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
gzip
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
11952
x-amz-cf-id
2mwu_wr4MTlTn8H4knmDcUSTQmapCa6KHfIIQdiWFBzGv8jfnOoB3g==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 13 Nov 2022 06:03:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wy1aihBn7rEB5gqhB00VzL5YMQ7yR33B95EaEzXXgt4gd2sJgyN/03Qk/8iLByDkYXJGzvkfOE9V/05cVS38qw==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B7PDX6QBWS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
111720b309850486ee28a06577eb0f6dd9d2c5cb3140e91cfb978881ce3e85ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Nov 2022 06:03:29 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-50003668-1&cid=1320637715.1668319410&jid=225072480&gjid=1336465524&_gid=1326234955.1668319410&_u=YGBAgEABAAAAAEAAI~&z=1292320287
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 13 Nov 2022 06:03:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2022288113&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&ul=en-us&de=UTF-8&dt=Heritage%20Valley%20Health%20System%20-%20Uniquely%20Connected.%20For%20Life.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=225072480&gjid=1336465524&cid=1320637715.1668319410&tid=UA-50003668-1&_gid=1326234955.1668319410&gtm=2wgb90MM6ZBP&z=1545100462
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12058
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
tr.snapchat.com/cm/ Frame B754 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=4ce72ccc-880f-4386-866b-1210bbf0a8ef&u_scsid=8bef305d-7e62-4c79-adb7-24be5c263dfc&u_sclid=9e3e6849-27c9-4079-bb56-24e09182e8f1
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 13 Nov 2022 06:03:29 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
is_enabled
tr.snapchat.com/collector/ 		79 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=4ce72ccc-880f-4386-866b-1210bbf0a8ef&tld=org
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
c4f4b43a1e44afc5285cfc5b0d63b697a3396eee79a08b18a93049509baa5eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heritagevalley.org
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
430909190736370
connect.facebook.net/signals/config/ 		294 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/430909190736370?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52cc0297ea9beb808ef249001901665ba6ae62bbab47fa6867d6aa747d6df11f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 13 Nov 2022 06:03:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
FnYQIKnM3d5E/UKByDF4UcrvG7xIFOcPpfo4oFYRv9Vko9VvyTQPFzIxMWENhMyRVRQnDyzkW7yI3y8360tvDg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B7PDX6QBWS&gtm=2oeb90&_p=2022288113&cid=1320637715.1668319410&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668319409&sct=1&seg=0&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&dt=Heritage%20Valley%20Health%20System%20-%20Uniquely%20Connected.%20For%20Life.&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B7PDX6QBWS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 06:03:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
adservice.google.com/ddm/fls/i/ Frame BD23 		485 B
727 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/activityi;dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88df3748462ad6cc4f4f6d40349609e59792fa9105ed9e9cbac42c05a34e390a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5118841.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
259
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p
tr.snapchat.com/ 		68 B
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 13 Nov 2022 06:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
5118841.fls.doubleclick.net/ddm/fls/r/ Frame 4EF7
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagev...
  • https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.h...
384 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
5e2f8d3cd0bb39417d59f8d588c3393ee97199690af27bf9b40e0947d8f4f57f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
181
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Sun, 13 Nov 2022 06:03:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=430909190736370&ev=PageView&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&rl=&if=false&ts=1668319409814&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1668319409814.1858962894&it=1668319409676&coo=false&rqm=GET
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 13 Nov 2022 06:03:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
rs
tags.w55c.net/ Frame 4EF7
Redirect Chain
  • https://tags.w55c.net/rs?id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
  • https://tags.w55c.net/rs?sccid=0a0bd1ca-4cba-dcec-92a9-e0ad6fcdd6ae&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=0a0bd1ca-4cba-dcec-92a9-e0ad6fcdd6ae&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
HTTP/1.1
Server
3.120.24.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-24-110.eu-central-1.compute.amazonaws.com
Software
Retargeting/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5118841.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 06:03:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 06:03:30 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://tags.w55c.net/rs?sccid=0a0bd1ca-4cba-dcec-92a9-e0ad6fcdd6ae&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
handleConversion
cvt.mydas.mobi/ Frame 4EF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvt.mydas.mobi/handleConversion?goalId=55619
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6_no6-qvsCFYsiBgAdQkYLjQ;src=5118841;type=hvhsh0;cat=hvhsh0;ord=7863219687447;gtm=2wgb90;auiddc=131811168.1668319409;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5118841.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
home-arrow-left.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/ 		617 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/home-arrow-left.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
b9ae663ffcdb8415ba25ad6f820ba6b0aaca62aceb90246df2629515db6b4dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 06:03:30 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-269"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
617
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 17:11:27 GMT
x-content-type-options
nosniff
age
132723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 17:11:27 GMT
/
www.facebook.com/tr/ Frame ECD8 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.heritagevalley.org
Referer
https://www.heritagevalley.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.heritagevalley.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 06:03:30 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| $ function| jQuery object| dataLayer object| tribe_l10n_datatables function| ctctEnableBtn function| ctctDisableBtn function| renderReCaptcha object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| CTCTSupport object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| tr function| snaptr function| fbq function| _fbq function| storageAvailable function| tns object| MicroModal object| Popper object| ProgressBar function| tippy number| tnsId object| gaplugins object| gaGlobal object| gaData object| recaptcha function| onYouTubeIframeAPIReady

12 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.heritagevalley.org/ Name: _gcl_au
Value: 1.1.131811168.1668319409
.heritagevalley.org/ Name: _gid
Value: GA1.2.1326234955.1668319410
.heritagevalley.org/ Name: _dc_gtm_UA-50003668-1
Value: 1
www.heritagevalley.org/ Name: _scid
Value: a07bd23a-d274-4413-8b8b-a93568e5709f
.heritagevalley.org/ Name: _ga_B7PDX6QBWS
Value: GS1.1.1668319409.1.0.1668319409.0.0.0
.heritagevalley.org/ Name: _ga
Value: GA1.1.1320637715.1668319410
.heritagevalley.org/ Name: _fbp
Value: fb.1.1668319409814.1858962894
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQYA2BnLOKfcHxs1mlwbyWiTDUR2ukGw856tv30W6QfUJwrf/5Mz/MMgAAAA==
.doubleclick.net/ Name: IDE
Value: AHWqTUmT1DvXXFZorWsVAl4YPSDB1abejdzNqJ2S61wkPnivMsZnFZunqqWl9w-GuCE
.mydas.mobi/ Name: A3
Value: d=AQABBLKIcGMCEKyORf6N_LsW-fBK0LWyybg&S=AQAAAoCglt3a1S0Mppyfs10LYtg
.w55c.net/ Name: wfivefivec
Value: cEFxH8zx1OU65A2

1 Console Messages

Source Level URL
Text
network error URL: https://cvt.mydas.mobi/handleConversion?goalId=55619
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5118841.fls.doubleclick.net
adservice.google.com
adservice.google.de
connect.facebook.net
cvt.mydas.mobi
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
sc-static.net
stats.g.doubleclick.net
tags.w55c.net
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.heritagevalley.org
142.250.185.70
142.93.197.2
143.204.207.250
2001:4860:4802:32::36
2a00:1288:80:807::2
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.120.24.110
35.190.43.134
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e450c5af5b2b902e16e72353ca566141471ae75f2045e2d29256d7a113f65d5
1076991f3e548c844051c4aaf033a77668e636282ca8b7aef054f01667866e32
111720b309850486ee28a06577eb0f6dd9d2c5cb3140e91cfb978881ce3e85ef
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
1e2e6f86116a4adee2d52ec06e53ffd717db45efa73adba608e8609f6e58f4cb
2482c78f63244feb1c68183c888ee9f1705b0e48b798faa197575a6a89bddcc8
31222968e48f9e47c8de3f042dd08097ceb92e08d095eb9ff0613abba330c6be
31f78ed76f3dded737d238c902d43a9193c688439dcfcaa64c761a346171d7b5
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3a5123400b3a463cf148dcca954c9153481f1f52a79c27b073f0aeb1659b673b
3d65b1096a44ad858ce08c93446ae2fd09c8477091afdfcbb136ff2c20e6dea3
3da36fd152f2499ea4680a3d5c768aa2f63bf34bd97d27cf88676619b7d7c90d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4c85c972291d5d105fb727127076bc1c7ede6695012a963d3ac6dabec5a429aa
4f6c3999b8d82e89d3bb3204ffd09d0119a8b7e68195ca6349ae37027cccd733
52cc0297ea9beb808ef249001901665ba6ae62bbab47fa6867d6aa747d6df11f
57094990a5724535c6697a73c46c0828cf57c9cd3d47b2377a3d9784f130f1b0
5e2f8d3cd0bb39417d59f8d588c3393ee97199690af27bf9b40e0947d8f4f57f
61f3418768601f93b4e586a3cceee96e48be8cd1b4988dd86c2357a700c47e35
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6934453a3fabfff63f01680aab4d754d44fbe50938fa5b1347b3bfb93e71a03d
69e639905cf1e0229cc4cbc06c3e6d6e442443e6e4f2bab5107a7f1bf3f177bd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d65d871712dfaef97e9c0213372666348bd8a35e2321851885e65d406e79151
7a31386fdc14ca3f63c87c77d02fb6d5d426f9dd58830d06bb5b4440e8b49e91
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8709e43e29b83d4aea33eef70bf66b91c1c565bd9049bddcde590ad8ada328d1
88df3748462ad6cc4f4f6d40349609e59792fa9105ed9e9cbac42c05a34e390a
8bf36225d6afa995aede0e9b4594d929b8ed7f021175614f112e5927aa30419a
a5a31d3d8d8104a65f41a3152363a59c72bb19c0320dff603b8ff9afdd8165a2
aff4e867219ceae3e1802efa5658370b5d37e46c135c361eddc7d1c05de5ae0c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9ae663ffcdb8415ba25ad6f820ba6b0aaca62aceb90246df2629515db6b4dc5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c4f4b43a1e44afc5285cfc5b0d63b697a3396eee79a08b18a93049509baa5eb7
caba3618d33a0b8223691d02f63e85e951bb4ffd0f5da0fcc44eaef0dd0858b9
d0d07104234bbdc391fc97f1937cacf92bc5bdc89709d1535e605d3b1b5b6918
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db5acc1c8c888ee8c33d3146fe2b4ab448089432f074670ae78d93451ef9c0f2
dc8674a75b098e04a8f1e0809649ac9ad518f857a03dcfbd43467474493c881c
dd17ff319a8b89f9413876d6ba32cb8bc98e6f31e01998d8417b8b577e13b245
e08f58dadb18f1990b1b60eb7d3a45516fabeac8f9b48f4a9c260ad4029a7bdc
e264344709ffad08486d65fc663ff2aa0faf7adc85731d98608cb51ea552c4b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445d9d1b9272eab38d3e20b02cc80a2e5449e8c22b086016cb628bdbd92e660
e589a96cdc38a15a6db72b8d17132052502e63817ed609b84ebe95670e3d9bff
eaa3c0834688c0bbfcc63ef48969aa1033a3e1522ecd0f507e30aa6b63923c55
eede8248e4bbac378fe10c1d8ac4b6c0b443dc02bdc3d7398e0e5cb7b9781bad
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143