gemofthevalley.site Open in urlscan Pro
50.17.250.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gemofthevalley.site/
Effective URL:
https://gemofthevalley.site/
Submission: On April 25 via api (April 25th 2024, 3:07:27 pm UTC) from BE — Scanned from DE

Summary HTTP 46 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 46 HTTP transactions. The main IP is 50.17.250.125, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is gemofthevalley.site.
TLS certificate: Issued by R3 on April 14th 2024. Valid for: 3 months.

This is the only time gemofthevalley.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	50.17.250.125 50.17.250.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.2.208.195 23.2.208.195	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2600:9000:249... 2600:9000:2490:5200:0:ee22:db00:21	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
46	15

10 50.17.250.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-250-125.compute-1.amazonaws.com

gemofthevalley.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.2.208.195 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-208-195.deploy.static.akamaitechnologies.com

02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2490:5200:0:ee22:db00:21 (United States)

ASN16509 (AMAZON-02, US)

d14tal8bchn59o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloudfront.net d14tal8bchn59o.cloudfront.net	341 KB
10	gemofthevalley.site gemofthevalley.site	371 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	881 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	317 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	952 B
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1306	28 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	153 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 594	34 KB
1	rackcdn.com 02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 401143	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
46	12

	Domain	Requested by
11	d14tal8bchn59o.cloudfront.net	gemofthevalley.site
10	gemofthevalley.site	gemofthevalley.site
6	www.google.com	gemofthevalley.site
4	fonts.gstatic.com	fonts.googleapis.com
2	bam.nr-data.net	gemofthevalley.site
2	www.google-analytics.com	gemofthevalley.site
2	platform.twitter.com	gemofthevalley.site
2	connect.facebook.net	gemofthevalley.site
2	www.googletagmanager.com	gemofthevalley.site
1	js-agent.newrelic.com	gemofthevalley.site
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	gemofthevalley.site
1	02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com	gemofthevalley.site
1	fonts.googleapis.com	gemofthevalley.site
46	14

This site contains links to these domains. Also see Links.

Domain
d14tal8bchn59o.cloudfront.net

Subject Issuer	Validity	Valid
gemofthevalley.site R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-27`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://gemofthevalley.site/
Frame ID: 55DFD53CD405163BA7F753373F99D2D2
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyBnqRKZUWWJ3b1bJSLcGKVYXbndZYn-CAI&q=Casa+Grande%2C+AZ+85122
Frame ID: C288E354862BAA873673362A9E298A60
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgemofthevalley.site
Frame ID: 938FFECE58A45452CA72AFB3D4C009BF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6&co=aHR0cHM6Ly9nZW1vZnRoZXZhbGxleS5zaXRlOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=inline&cb=540dt26g5oh7
Frame ID: C63AD4995601B8F5DA2BF9B46FF634C4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6&co=aHR0cHM6Ly9nZW1vZnRoZXZhbGxleS5zaXRlOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=inline&cb=k6xo7isrumg4
Frame ID: D93A9DAB7EB19A81688EC8FA25A3B52A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6
Frame ID: F3B6357E3F864A82F5CC67D7742C0CFE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6
Frame ID: 2A0CA8C3E97E9D783EBB87F7A267DFC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affordable Website Design near Casa Grande, AZ - Gema Perry

Page URL History Show full URLs

http://gemofthevalley.site/ HTTP 307
https://gemofthevalley.site/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

73 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

1369 kB
Transfer

2948 kB
Size

6
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://d14tal8bchn59o.cloudfront.net/XNQBfa_dw7NL7b8D50nWMeAbaU27f8SsC3LQ6p9e0cM/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551567/eyelash-eyebrow-threading-salon-website-design_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/P8UhFo7KbvGPJj8gbpFcPk2kYZ_Bkc5dFTyM7ij4EQ8/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551566/painter-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/hqoneiqbkLEsdarFwdnWZxE9y1IvwkzNSgWpG6JpR7Q/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551564/podiatrist-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/En37e8Rrpnk4z1k72OjyXXMJyhY0ggraBqazRrLkRLo/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551565/real-estate-photography-website-design-theme-dark_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/xNDfAzvgM4J0NadvgmRr3POUYE9g-dAoXztaXnKbp0o/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551569/best-ice-cream-shop-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/4wHSMhmYKP5PvdeQvEP5m1dsPd4c7X7zOzbkldUF774/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551563/fence-contractor-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/fPvWfzfVObf0yDwlo_Na996NHSsTa1mXGb-53utDNxI/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551556/car-audio-security-website-design_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/7hhIeeOAEHPKFdw7G9pGdYm8fs46wDduNQbhUj5wEgA/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551561/title-company-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/dv-i9fiMlTHWuAq0w8I2IR5PlyzzFQmUV2r2NezKSVk/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551562/truck-accessories-store-website-design_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/TYIP-ET1B97Sx2wAS9uLnCFIt-CUMagrzVidedufBbo/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551560/snow-removal-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/IfZaPg2riVVeVOLWzMsFUPNGPZBQppbAVeoFEz4OAfY/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551555/dryer-vent-cleaning-service-website-design-theme_original_original.webp

Search URL Search Domain Scan URL

URL: https://d14tal8bchn59o.cloudfront.net/mGh8CBVa3iU2xPv9UcLNwDKXwdWxJaX5ozUNaQHCyDs/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551559/mobile-phone-repair-website-design_original_original.webp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gemofthevalley.site/ HTTP 307
https://gemofthevalley.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gemofthevalley.site/
Redirect Chain

http://gemofthevalley.site/
https://gemofthevalley.site/

212 KB
53 KB

1951ms
1626ms

Document
text/html

50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-250-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0295c241b9b6feff8cb29586fa95b040e0c9dd472327dabbaa99f4bccb879730

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 15:07:17 GMT
etag: W/"0295c241b9b6feff8cb29586fa95b040"
link: </assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css>; rel=preload; as=style; nopush,</system/sites/76827/custom.css>; rel=preload; as=style; nopush,</assets/modernizr-f683a1af0b4dd8f80b691a48244ca43a25c7a0fd2a4eba20925590f0b0e504e4.js>; rel=preload; as=script; nopush,</assets/respond.js/dest/respond.src-c12abd28715ebe617df0ef59dcc6219e77df2f5e67abb3cfa4a3172cfda7bec2.js>; rel=preload; as=script; nopush,</assets/application-62691bfa3916ecfdcacfb45ad40316f65b835dc1c29b84a7e4d7170999501efd.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d76fcd9d-8f46-4894-ab31-5773b13e6fec
x-runtime: 1.384684
x-xss-protection: 1; mode=block

Redirect headers

Location: https://gemofthevalley.site/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
gemofthevalley.site/assets/ 212 KB
42 KB 115ms
114ms Stylesheet
text/css 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2844cd59682a526f0f3debe10b584b2bd9e6a201dcb98608034ff236c16a37ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:17 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 15:54:44 GMT
server: nginx
content-type: text/css
cache-control: max-age=31536000, public
content-length: 43069
expires: Fri, 25 Apr 2025 15:07:17 GMT

GET
H2 200 custom.css
gemofthevalley.site/system/sites/76827/ 5 KB
2 KB 427ms
426ms Stylesheet
text/css 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gemofthevalley.site/system/sites/76827/custom.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-250-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0a4c7e485e82e2105e393407df120faa49fecad682ebbfb3bd9d65b17280033f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.303322
date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
x-permitted-cross-domain-policies: none
etag: W/"0a4c7e485e82e2105e393407df120faa"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 2926c838-1f26-40a9-8501-069b81831331

GET
H2 200 modernizr-f683a1af0b4dd8f80b691a48244ca43a25c7a0fd2a4eba20925590f0b0e504e4.js Show response
gemofthevalley.site/assets/ 11 KB
5 KB 204ms
203ms Script
application/javascript 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/assets/modernizr-f683a1af0b4dd8f80b691a48244ca43a25c7a0fd2a4eba20925590f0b0e504e4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 04cfda62c5e002e7ff4afa30e00b0e104d150dbfaa7fdc92ac7edc531d8a0f20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:17 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 21:22:40 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=31536000, public
content-length: 4778
expires: Fri, 25 Apr 2025 15:07:17 GMT

GET
H2 200 respond.src-c12abd28715ebe617df0ef59dcc6219e77df2f5e67abb3cfa4a3172cfda7bec2.js Show response
gemofthevalley.site/assets/respond.js/dest/ 4 KB
2 KB 204ms
204ms Script
application/javascript 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/assets/respond.js/dest/respond.src-c12abd28715ebe617df0ef59dcc6219e77df2f5e67abb3cfa4a3172cfda7bec2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b5460b2b5c2117d58a7caa81c6dc34c31fe62b8ccf6472f0b884767225f8120b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:17 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 21:22:40 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=31536000, public
content-length: 2113
expires: Fri, 25 Apr 2025 15:07:17 GMT

GET
H2 200 application-62691bfa3916ecfdcacfb45ad40316f65b835dc1c29b84a7e4d7170999501efd.js Show response
gemofthevalley.site/assets/ 379 KB
115 KB 227ms
227ms Script
application/javascript 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/assets/application-62691bfa3916ecfdcacfb45ad40316f65b835dc1c29b84a7e4d7170999501efd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e8ee260aa4f53a2308511b8956d00e3900c560e4df85156c17718d0bd7b0cafd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:17 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 15:08:07 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=31536000, public
content-length: 117844
expires: Fri, 25 Apr 2025 15:07:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
3 KB 92ms
34ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Museo+Slab:400,400i,700,700i|Allura:400,400i,700,700i|Encode+Sans|Charm:400,400i,700,700i

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1866a80dfa20e7282894bc65b6dd1d625e2abd0cff63c05f0a2318e61d3898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 15:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 15:07:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 15:07:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 99ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-25110184-1

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

631bc9771a0c6c99f7c0d60f6300771faa2a3e3ab104c58ba58d0f5d8ce99472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Apr 2024 15:07:18 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 68ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

918b0cf6299f3d3109c4a0226dc362c4df585044ad999ed68491a5f0cb179284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 15:07:18 GMT
content-md5: vkKA9Pr5ElAx1RYliOWN4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1294, tbw=2800, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: ED2xbf2Lnk0Jq7EVqVK9J9SvASEo4kh0NRBuFhPPVA5O2AttF7VXTahXG9T3EhoXDGXkWyBKLrsZ/yAXE86MCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2693b006bdc45013bcba0411cb9c83d6
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "be17dcd26958d4780fc4dd0c9c752496"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 25 Apr 2024 15:21:51 GMT

GET
H/1.1 200
OK 622342_original.png
02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/logo_images/ 7 KB
8 KB 302ms
189ms Image
image/png 23.2.208.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/logo_images/622342_original.png?1713028233
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.2.208.195 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-208-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 248318284ccbd26b4baf5672110c244ac0bc579b2043cb6c84ee103a4824de9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 15:07:18 GMT
Last-Modified: Sat, 13 Apr 2024 17:10:44 GMT
ETag: 08a817e1540394c65f28ca5582f7fc8d
Content-Type: image/png
X-Timestamp: 1713028243.58761
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7578
X-Trans-Id: tx6a22645e8589474785981-00661e22b4ord1
Expires: Sun, 28 Apr 2024 15:07:18 GMT

GET
H2 200 marketingsite_icon_3_original.png
d14tal8bchn59o.cloudfront.net/pnzHL3hNLQCp_31K_akBuTpK4IOpPIMUHEnUTMEr6aw/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551551/ 4 KB
5 KB 297ms
235ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/pnzHL3hNLQCp_31K_akBuTpK4IOpPIMUHEnUTMEr6aw/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551551/marketingsite_icon_3_original.png

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

90d518ffe81fecf40bbdba3391f0d272a662476c2be02c05d342a52fdf413ebd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="marketingsite_icon_3_original.webp"
content-length: 4342
x-amz-cf-id: 6hgwteCBImsq07Nt-WONHmx_y0_VxNZTSw-YaUD225-uE9CIJmc-_w==
x-request-id: JWGSYcn72th7grsBeaWiS

GET
H2 200 marketingsite_icon_2_original.png
d14tal8bchn59o.cloudfront.net/-UTa_joLc02BbgwSE-JHsBWFmLv6iG6Mm4hfhAgASPg/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551552/ 4 KB
4 KB 153ms
152ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/-UTa_joLc02BbgwSE-JHsBWFmLv6iG6Mm4hfhAgASPg/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551552/marketingsite_icon_2_original.png

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

50055678c78493873d9e2e1934fe5ab96516deae18b0ee79217434b7e5167e73

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="marketingsite_icon_2_original.webp"
content-length: 3706
x-amz-cf-id: nOArovcQ-tcEpRs5mY48QhVaPYM_DU9BspkQf1qC-26QzId-FOXq9Q==
x-request-id: kJdgTw8lNK_TpvvD7nu3J

GET
H2 200 marketingsite_icon_1_original.png
d14tal8bchn59o.cloudfront.net/nlK78uFoaq4sr_yNrO_MtY9sschZCDW7CPn_IfKt-_g/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551553/ 4 KB
5 KB 238ms
238ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/nlK78uFoaq4sr_yNrO_MtY9sschZCDW7CPn_IfKt-_g/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551553/marketingsite_icon_1_original.png

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

8550e85cab825d49edf70b758efe361bfd6a4517505d27db036045b03484cd72

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="marketingsite_icon_1_original.webp"
content-length: 4240
x-amz-cf-id: rzqrlzV0pzCE-44vTUlBoxtyqawGrH_RdJ8D4RTRmE_ATszeXSWGAQ==
x-request-id: zGCrYxUsjX-ASgncDEDfr

GET
H2 200 marketingsite_icon_4_original.png
d14tal8bchn59o.cloudfront.net/WpVLCjltlXxF3WFZCPU2QWb72YKQ4k5W9MIVGT2xPOo/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551550/ 4 KB
5 KB 163ms
160ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/WpVLCjltlXxF3WFZCPU2QWb72YKQ4k5W9MIVGT2xPOo/w:400/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551550/marketingsite_icon_4_original.png

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

97b5d1ba55eaa19b28e16e621be14fb9a7a0c7e14ae3c781a62ca03307829492

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="marketingsite_icon_4_original.webp"
content-length: 4280
x-amz-cf-id: tXiW8bweA5QcRvAu-H3wmaCk9HDwyz01y76740aNgOKiXfhx5vqMUQ==
x-request-id: Pb7qJhCvw3kwOg3XuC8mS

GET
H2 200 welcome_original.jpg
d14tal8bchn59o.cloudfront.net/30pVpC7pN7voh9-lgK3qQ7qPrDQDwax8I9-oZnbLRbA/w:960/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551611/ 45 KB
46 KB 27ms
25ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/30pVpC7pN7voh9-lgK3qQ7qPrDQDwax8I9-oZnbLRbA/w:960/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551611/welcome_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

0492a4629ec393110348db9b792f683e51b82564ee2aeb86dd22de29d6574a3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:16:14 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 996664
x-cache: Hit from cloudfront
content-disposition: inline; filename="welcome_original.webp"
content-length: 46226
x-request-id: zjzhBw_n7HGpOyokDgh-z
server: imgproxy
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: VbRaDi0UQT6S2V3xwzaCAzckfufmOcAvLWQlJjaLuUhPUsp3blW51A==

GET
H2 200 christiana-rivers-O_XIvDy0pcs-unsplash_original.jpg
d14tal8bchn59o.cloudfront.net/n7HtJU_ldzX5i8tXYy-oO3pOepGcvEQ-EqUV0INZQaU/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/... 20 KB
21 KB 27ms
26ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/n7HtJU_ldzX5i8tXYy-oO3pOepGcvEQ-EqUV0INZQaU/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551549/christiana-rivers-O_XIvDy0pcs-unsplash_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

fb2398f646074d26dd4c761663776b5dd3d3f6019a7c146c16cb66ab38eaa583

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:16:16 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 996662
x-cache: Hit from cloudfront
content-disposition: inline; filename="christiana-rivers-O_XIvDy0pcs-unsplash_original.webp"
content-length: 20636
x-request-id: y0rBA9jmo2KebFM3gcj9X
server: imgproxy
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: pEmuzUhpKQiGHoUNFlzSsRAmmFDVjIgo7CQPAN4Nv7tkuS52BwMyYQ==

GET
H2 200 christian-buehner-DItYlc26zVI-unsplash_original.jpg
d14tal8bchn59o.cloudfront.net/IZkpWyM5caRwgKyvXRzSmF_2TPFUhuc0gSpvGHQlVNM/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/... 18 KB
19 KB 52ms
51ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/IZkpWyM5caRwgKyvXRzSmF_2TPFUhuc0gSpvGHQlVNM/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551548/christian-buehner-DItYlc26zVI-unsplash_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

1e8912a2c3e865cc0e858d999820073930512db982a45bf36074b380d946b979

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:16:17 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 996661
x-cache: Hit from cloudfront
content-disposition: inline; filename="christian-buehner-DItYlc26zVI-unsplash_original.webp"
content-length: 18596
x-request-id: Y7uy9yBU2RxTXPZOyt-C9
server: imgproxy
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: XsKo3jgGC_UW-71N8fDO5u3bG5iINojORM7iaKIQg1BMKnOf9_-ynA==

GET
H2 200 logan-weaver-Isle-8YpbIQ-unsplash_original.jpg
d14tal8bchn59o.cloudfront.net/63UfxVLUjEUIANrvb7QQPMmqYAzL0G4dhIN7K0NSyNU/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/... 12 KB
12 KB 58ms
58ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/63UfxVLUjEUIANrvb7QQPMmqYAzL0G4dhIN7K0NSyNU/rs:fill:360:360/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551547/logan-weaver-Isle-8YpbIQ-unsplash_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

9fa46e9401043a633a600459a39b3552e030a28d9bee29c91f02dba555428ac4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:16:17 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 996661
x-cache: Hit from cloudfront
content-disposition: inline; filename="logan-weaver-Isle-8YpbIQ-unsplash_original.webp"
content-length: 12036
x-request-id: esNTMW7lVCWsN1Yhmtw4h
server: imgproxy
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: Opkyqok4U8yMKDOZRVtwyN1iNdcdIwpcqL0PJtGC7tUcBECAwQw4aQ==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
881 B 81ms
33ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=recaptchaLoadCallback

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

5a4baa0aa0427e8f8afb847fd7c9b0643c1f86d460d118e6b87e45191060ad05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2024 15:07:18 GMT

GET
H3 200 place
www.google.com/maps/embed/v1/ Frame C288 0
0 558ms
514ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyBnqRKZUWWJ3b1bJSLcGKVYXbndZYn-CAI&q=Casa+Grande%2C+AZ+85122

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-okKebk9VuxXqHIfIvmPB_A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1008
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-okKebk9VuxXqHIfIvmPB_A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 15:07:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 web-design-agency_original.png
d14tal8bchn59o.cloudfront.net/EKpnFArhl5QVaDb3V51wJxOl3zBknvJKvY78_WU3yaM/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551594/ 106 KB
107 KB 495ms
494ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/EKpnFArhl5QVaDb3V51wJxOl3zBknvJKvY78_WU3yaM/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551594/web-design-agency_original.png

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

a82f13b51e775a26e0d1a502313b0bd922672fa233ecf2da605af7c3893294ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="web-design-agency_original.webp"
content-length: 108798
x-amz-cf-id: muidafTjFzYAnschYmVN6flfezjC36gwcInZjmWRfF56Q-7pNZIQ9w==
x-request-id: HIYmjz9jlGWrRh7F5IsCQ

GET
H2 200 slideshow-arrows-081b1d48d6ab9b49c3c1b90282d04fc0231b08264710ded4009e3c1f4cf34a9a.png
gemofthevalley.site/assets/ 3 KB
4 KB 114ms
113ms Image
image/png 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemofthevalley.site/assets/slideshow-arrows-081b1d48d6ab9b49c3c1b90282d04fc0231b08264710ded4009e3c1f4cf34a9a.png
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2f4f98125dc08c86a79fbf712435262d85f169963c42546105f36a919a0c2cb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
last-modified: Mon, 12 Feb 2024 21:22:40 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3520
expires: Fri, 25 Apr 2025 15:07:18 GMT

GET
H2 200 website-cta2_original.jpg
d14tal8bchn59o.cloudfront.net/tl8S7SF3rMQ_KQemZZ7ncGf6DVhdhCpexMYGqUiZpqk/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551610/ 70 KB
70 KB 536ms
536ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/tl8S7SF3rMQ_KQemZZ7ncGf6DVhdhCpexMYGqUiZpqk/w:1920/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551610/website-cta2_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

77222c0d04b792bd9292324baf4fbf21e4b292741871af1bd33bcb5b7c4ce957

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000, public
content-disposition: inline; filename="website-cta2_original.webp"
content-length: 71168
x-amz-cf-id: 2W6K7Fssu0HdchvXvwby11JjL42UZT6tWszB-He9WMnZtVg4spdzPg==
x-request-id: kywnTliaUBWBk9xSsu1IP

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Museo+Slab:400,400i,700,700i|Allura:400,400i,700,700i|Encode+Sans|Charm:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 490882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 22:45:56 GMT

GET
H2 200 9oRPNYsQpS4zjuA_iwgW.woff2
fonts.gstatic.com/s/allura/v21/ 26 KB
26 KB 106ms
54ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/allura/v21/9oRPNYsQpS4zjuA_iwgW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Museo+Slab:400,400i,700,700i|Allura:400,400i,700,700i|Encode+Sans|Charm:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 21:43:56 GMT
x-content-type-options: nosniff
age: 408202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26576
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:19:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 21:43:56 GMT

GET
H2 200 7cHmv4oii5K0MdYoK-4.woff2
fonts.gstatic.com/s/charm/v11/ 20 KB
20 KB 98ms
46ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/charm/v11/7cHmv4oii5K0MdYoK-4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Museo+Slab:400,400i,700,700i|Allura:400,400i,700,700i|Encode+Sans|Charm:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b1aaccacbe192e382f24fa211f57013e8844a32124f08d685262c49edff9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:56:33 GMT
x-content-type-options: nosniff
age: 97845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20108
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:31:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:56:33 GMT

GET
H2 200 7cHrv4oii5K0Md6TDvs7wH8.woff2
fonts.gstatic.com/s/charm/v11/ 20 KB
20 KB 113ms
61ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/charm/v11/7cHrv4oii5K0Md6TDvs7wH8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Museo+Slab:400,400i,700,700i|Allura:400,400i,700,700i|Encode+Sans|Charm:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3146c99b01bc5fb2537a2b7e10a1953f4c5a614780e3a6d1124b7e884b315cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 03:16:05 GMT
x-content-type-options: nosniff
age: 215473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20476
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:07:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 03:16:05 GMT

GET
H2 200 fa-solid-900-0a278b0fc7d4a01771ea416c48d60b24604358654614e1b31e20e1a3112b2743.woff2
gemofthevalley.site/assets/font-awesome/ 147 KB
147 KB 113ms
113ms Font
application/font-woff2 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/assets/font-awesome/fa-solid-900-0a278b0fc7d4a01771ea416c48d60b24604358654614e1b31e20e1a3112b2743.woff2
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/assets/site-2185e9adc265d95dfee02de3772789c854ec51e2170a3787bf651326f3496432.css
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
last-modified: Mon, 12 Feb 2024 21:22:40 GMT
server: nginx
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 150020
expires: Fri, 25 Apr 2025 15:07:18 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
87 KB 23ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=91cb6c215d5f7893439a264edbfe4a38

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a16a6137d0421fe88b94145facd2229d7951a19a3c74d4f93e2468123ad49fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 15:07:18 GMT
content-md5: BgeqRO9/zdutupaESF+Q4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89017
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=21, mss=1294, tbw=6488, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: STijRl4H3ENEfK6cF4nN+BAG+bpQJNLA1knPU65gdy3mvcJxUZqnfS95N0qXN7kTAS/PPbTOwRMN2yD+H3bN0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ef32d979354980ab1cce5c832094c989
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "a77bb284d8820c9d16c1852dc970adbd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 25 Apr 2025 13:09:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 14:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Apr 2025 14:58:57 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 111ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 15:07:18 GMT
Content-Encoding: gzip
Age: 491
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/674D)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

POST
H2 204 track_map_view Show response
gemofthevalley.site/a/ 0
646 B 983ms
983ms XHR
text/plain 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gemofthevalley.site/a/track_map_view

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-250-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: VwAAU1RaCBABVFJSDwQGU1cE
tracestate: 3672290@nr=0-1-3672290-1134260961-c17940a5040eaf62----1714057638296
X-CSRF-Token: 7sVp_wl3g7VpGMXc1Y04nGLlQFzj9p6t3LydJSqZe5fuOnYNtWb9tJsKMfOiXUS97Cmb1soaiReKOppYf_cftQ
traceparent: 00-db55caff9c7b739db718a96abc1c001f-c17940a5040eaf62-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM2NzIyOTAiLCJhcCI6IjExMzQyNjA5NjEiLCJpZCI6ImMxNzk0MGE1MDQwZWFmNjIiLCJ0ciI6ImRiNTVjYWZmOWM3YjczOWRiNzE4YTk2YWJjMWMwMDFmIiwidGkiOjE3MTQwNTc2MzgyOTZ9fQ==
Accept: */*
Referer: https://gemofthevalley.site/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.186121
date: Thu, 25 Apr 2024 15:07:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-xss-protection: 1; mode=block
x-request-id: e8c3ba72-1152-4a87-9e8a-594d2257eed3

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 13:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4750
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Apr 2024 15:48:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 51ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-183KX7JDET&l=dataLayer&cx=c

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28d0072c72f1f7b1f7a2f7cd54e101eb95b2c06f09c11823bd023d5f5be9d5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Apr 2024 15:07:18 GMT

GET
H2 200 step1_original.jpg
d14tal8bchn59o.cloudfront.net/sJGiV02aiT-YfH6OGUYq7OF2Apscivy4LLoFaeVjoFo/rs:fill:960:960:1/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photo... 49 KB
49 KB 22ms
22ms Image
image/webp 2600:9000:2490:5200:0:ee22:db00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d14tal8bchn59o.cloudfront.net/sJGiV02aiT-YfH6OGUYq7OF2Apscivy4LLoFaeVjoFo/rs:fill:960:960:1/plain/https://02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com/sites/76827/photos/20551606/step1_original.jpg

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5200:0:ee22:db00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy /

Resource Hash

1360f6e4dc5e4e0e0665aeb62786e2899d5253fcc5fcde8bd2c34be45e7bc6b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:16:15 GMT
content-security-policy: script-src 'none'
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 996663
x-cache: Hit from cloudfront
content-disposition: inline; filename="step1_original.webp"
content-length: 50026
x-request-id: eIV5x6k7JFoPuNWFxYkt3
server: imgproxy
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: 3cwUoTVLQFCcSbU91mEZCswalt2pFhUT53TB0_79Vim6TjUydaUcqQ==

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 938F 0
0 72ms
18ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgemofthevalley.site
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2718396
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 15:07:18 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1201529618&t=pageview&_s=1&dl=https%3A%2F%2Fgemofthevalley.site%2F&ul=de-de&de=UTF-8&dt=Affordable%20Website%20Design%20near%20Casa%20Grande%2C%20AZ%20-%20Gema%20Perry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1533936183&gjid=1185515188&cid=1087080084.1714057638&tid=UA-25110184-1&_gid=242735998.1714057638&_r=1&gtm=457e44o0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1692975795

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 15:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gemofthevalley.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 75ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-183KX7JDET&gtm=45je44o0v9117958918za200&_p=1714057638191&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1087080084.1714057638&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714057638&sct=1&seg=0&dl=https%3A%2F%2Fgemofthevalley.site%2F&dt=Affordable%20Website%20Design%20near%20Casa%20Grande%2C%20AZ%20-%20Gema%20Perry&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2692
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-183KX7JDET&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 15:07:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gemofthevalley.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame C63A 0
0 49ms
49ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6&co=aHR0cHM6Ly9nZW1vZnRoZXZhbGxleS5zaXRlOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=inline&cb=540dt26g5oh7

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BGBcIlSTO94kQjBQH6SYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BGBcIlSTO94kQjBQH6SYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 15:07:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame D93A 0
0 48ms
48ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J5Xh99s4zBCsOfah-8Jq7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-J5Xh99s4zBCsOfah-8Jq7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 15:07:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame F3B6 0
0 36ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Id32KvZHWHMB9rk_WJIMQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Id32KvZHWHMB9rk_WJIMQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 15:07:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 2A0C 0
0 35ms
34ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Lfj9UUUAAAAAE4AjXBcpuxOxAmq9-Nl6asnEbR6

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-flk6eABVwEYkYutijiurdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gemofthevalley.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-flk6eABVwEYkYutijiurdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 15:07:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nr-spa-1.257.0.min.js Show response
js-agent.newrelic.com/ 106 KB
34 KB 64ms
20ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.257.0.min.js

Requested by

Host: gemofthevalley.site
URL: https://gemofthevalley.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

949dd8b079ca0ab786c81d7c167da40fea9cd0c89b43b185bc9e58442f6b46b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Origin: https://gemofthevalley.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8lx2yHKebisc5tgqY1i.rEOm4AHzJoDM
content-encoding: br
via: 1.1 varnish
date: Thu, 25 Apr 2024 15:07:19 GMT
strict-transport-security: max-age=300
x-amz-request-id: SXZZZHE6NHMJP505
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 34476
x-amz-id-2: udMbZ65RJh8H96Dg8fe7vkfZsXf767fj7DZdp4VToCqcGeoF6pUZNMVVMBXFQJUK0YBSQeb3XPE=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Fri, 19 Apr 2024 00:43:41 GMT
server: AmazonS3
etag: "34409e01359ee8c8db0c50eb0d12e36c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 570493

GET
H2 200 favicon.ico
gemofthevalley.site/ 0
110 B 113ms
112ms Other
image/x-icon 50.17.250.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gemofthevalley.site/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.17.250.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-250-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:07:19 GMT
last-modified: Wed, 24 Apr 2024 14:32:53 GMT
server: nginx
accept-ranges: bytes
etag: "66291815-0"
content-length: 0
content-type: image/x-icon

POST
H/1.1 200 NRJS-243b9dcdd9befd954e4 Show response
bam.nr-data.net/1/ 151 B
606 B 917ms
862ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-243b9dcdd9befd954e4?a=1030851535&v=1.257.0&to=JVddFRZYX1tSFhdEUAFdQE4XX1xA&rst=3492&ck=0&s=0621a8e92df54c24&ref=https://gemofthevalley.site/&af=err,xhr,stn,ins,spa&qt=8&ap=1361&be=1953&fe=1449&dc=553&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714057635780,%22n%22:0,%22f%22:2,%22dn%22:26,%22dne%22:26,%22c%22:26,%22s%22:147,%22ce%22:327,%22rq%22:327,%22rp%22:1954,%22rpe%22:2066,%22di%22:2505,%22ds%22:2505,%22de%22:2506,%22dc%22:3398,%22l%22:3398,%22le%22:3402%7D,%22navigation%22:%7B%7D%7D&fp=2504&fcp=2504
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 788c29afc6b04179766ba51e058d4cf7e1e986d470a8e1dc148619df3e9c6dfa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 15:07:20 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://gemofthevalley.site
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://gemofthevalley.site
Content-Length: 151
x-served-by: cache-fra-eddf8230039-FRA

POST
H/1.1 200 NRJS-243b9dcdd9befd954e4 Show response
bam.nr-data.net/events/1/ 24 B
346 B 243ms
243ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-243b9dcdd9befd954e4?a=1030851535&v=1.257.0&to=JVddFRZYX1tSFhdEUAFdQE4XX1xA&rst=4429&ck=0&s=0621a8e92df54c24&ref=https://gemofthevalley.site/
Requested by: Host: gemofthevalley.site
URL: https://gemofthevalley.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://gemofthevalley.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 15:07:20 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://gemofthevalley.site
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230039-FRA

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 00:26:49	Name: _GRECAPTCHA Value: 09AKPP-6fW2sPZN_sj90sDwXv9Jj883n3209nhjB6KkX7cWj2UCztPtU-FfsPWbwA7nv-W8y8bsZd5BkynW64t1m4
.gemofthevalley.site/	1970-01-20 20:09:04	Name: _gid Value: GA1.2.242735998.1714057638
.gemofthevalley.site/	1970-01-20 20:07:37	Name: _gat_gtag_UA_25110184_1 Value: 1
.gemofthevalley.site/	1970-01-21 05:43:37	Name: _ga_183KX7JDET Value: GS1.1.1714057638.1.0.1714057638.0.0.0
.gemofthevalley.site/	1970-01-21 05:43:37	Name: _ga Value: GA1.1.1087080084.1714057638
gemofthevalley.site/	1969-12-31 23:59:59	Name: _siteswan_session Value: hrFONgnVLbd%2BRVtIFQCDOcAq5CywER1gBcRNXX4KJ4RHwdLkK1kkSkM9YeRUjKMRP9z29JfRGXDtfyhUi3fl1KiyGUxzrMTiYew44ZxwK7cACplsrA%2BxsIAOmA%2FvAxi9MlGFz6hFmWQfSM4dpmrlrYYlummkpXMRn6P99irYxA%2FxV3Btzd3%2BqXkGjVf7jcq88RNkkSNnXf4BBzcZivtks5amLtUKOZo8OMGa%2BU6g1gCeyt5%2Bo2o%2BLzUalec%2FsQeJyBxKNhGaqmBoMu6N7qTINCKnmLRPG5fzkA%3D%3D--pOyMBpVw%2FK8tnwqB--X63zLJ8yvcGe5dgnIiuCmw%3D%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gemofthevalley.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gemofthevalley.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gemofthevalley.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gemofthevalley.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02f0a56ef46d93f03c90-22ac5f107621879d5667e0d7ed595bdb.ssl.cf2.rackcdn.com
bam.nr-data.net
connect.facebook.net
d14tal8bchn59o.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gemofthevalley.site
js-agent.newrelic.com
platform.twitter.com
region1.google-analytics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.186.36
162.247.243.29
2001:4860:4802:34::36
23.2.208.195
2600:9000:2490:5200:0:ee22:db00:21
2602:816:5001::39
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2003
2a03:2880:f083:100:face:b00c:0:3
50.17.250.125
0295c241b9b6feff8cb29586fa95b040e0c9dd472327dabbaa99f4bccb879730
0492a4629ec393110348db9b792f683e51b82564ee2aeb86dd22de29d6574a3d
04cfda62c5e002e7ff4afa30e00b0e104d150dbfaa7fdc92ac7edc531d8a0f20
0a4c7e485e82e2105e393407df120faa49fecad682ebbfb3bd9d65b17280033f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1360f6e4dc5e4e0e0665aeb62786e2899d5253fcc5fcde8bd2c34be45e7bc6b9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1e8912a2c3e865cc0e858d999820073930512db982a45bf36074b380d946b979
248318284ccbd26b4baf5672110c244ac0bc579b2043cb6c84ee103a4824de9f
2844cd59682a526f0f3debe10b584b2bd9e6a201dcb98608034ff236c16a37ad
28d0072c72f1f7b1f7a2f7cd54e101eb95b2c06f09c11823bd023d5f5be9d5ca
2f4f98125dc08c86a79fbf712435262d85f169963c42546105f36a919a0c2cb3
3146c99b01bc5fb2537a2b7e10a1953f4c5a614780e3a6d1124b7e884b315cd3
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
50055678c78493873d9e2e1934fe5ab96516deae18b0ee79217434b7e5167e73
5a4baa0aa0427e8f8afb847fd7c9b0643c1f86d460d118e6b87e45191060ad05
631bc9771a0c6c99f7c0d60f6300771faa2a3e3ab104c58ba58d0f5d8ce99472
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77222c0d04b792bd9292324baf4fbf21e4b292741871af1bd33bcb5b7c4ce957
788c29afc6b04179766ba51e058d4cf7e1e986d470a8e1dc148619df3e9c6dfa
8550e85cab825d49edf70b758efe361bfd6a4517505d27db036045b03484cd72
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
90d518ffe81fecf40bbdba3391f0d272a662476c2be02c05d342a52fdf413ebd
918b0cf6299f3d3109c4a0226dc362c4df585044ad999ed68491a5f0cb179284
949dd8b079ca0ab786c81d7c167da40fea9cd0c89b43b185bc9e58442f6b46b8
97b5d1ba55eaa19b28e16e621be14fb9a7a0c7e14ae3c781a62ca03307829492
9fa46e9401043a633a600459a39b3552e030a28d9bee29c91f02dba555428ac4
a16a6137d0421fe88b94145facd2229d7951a19a3c74d4f93e2468123ad49fbc
a5b1aaccacbe192e382f24fa211f57013e8844a32124f08d685262c49edff9f8
a82f13b51e775a26e0d1a502313b0bd922672fa233ecf2da605af7c3893294ef
b1866a80dfa20e7282894bc65b6dd1d625e2abd0cff63c05f0a2318e61d3898a
b5460b2b5c2117d58a7caa81c6dc34c31fe62b8ccf6472f0b884767225f8120b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ee260aa4f53a2308511b8956d00e3900c560e4df85156c17718d0bd7b0cafd
fb2398f646074d26dd4c761663776b5dd3d3f6019a7c146c16cb66ab38eaa583

gemofthevalley.site Open in urlscan Pro 50.17.250.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

73 %IPv6

12 Domains

14 Subdomains

15 IPs

3 Countries

1369 kBTransfer

2948 kBSize

6 Cookies

12 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gemofthevalley.site Open in urlscan Pro
50.17.250.125 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

73 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

1369 kB
Transfer

2948 kB
Size

6
Cookies

46 HTTP transactions
0 data transactions