urlscan.io logo urlscan.io
SecurityTrails logo

www.heritagevalley.org Open in urlscan Pro
142.93.197.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ohiovalleyhospital.org/
Effective URL: https://www.heritagevalley.org/
Submission: On December 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 59 HTTP transactions. The main IP is 142.93.197.2, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.heritagevalley.org.
TLS certificate: Issued by R3 on December 14th 2022. Valid for: 3 months.
This is the only time www.heritagevalley.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    205.178.189.131 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: wf.networksolutions.com
www.ohiovalleyhospital.org
33    142.93.197.2 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 722501.cloudwaysapps.com
heritagevalley.org
www.heritagevalley.org
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
5118841.fls.doubleclick.net
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    3.126.34.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-34-117.eu-central-1.compute.amazonaws.com
tags.w55c.net
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
cvt.mydas.mobi
Apex Domain
Subdomains		 Transfer
33 heritagevalley.org
heritagevalley.org
www.heritagevalley.org
5 MB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
282 KB
4 doubleclick.net
5118841.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 156
2 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1051
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 87
region1.google-analytics.com — Cisco Umbrella Rank: 2158
20 KB
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 5068
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
112 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 115
154 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 15
adservice.google.com — Cisco Umbrella Rank: 129
2 KB
1 mydas.mobi
cvt.mydas.mobi
1 google.de
adservice.google.de — Cisco Umbrella Rank: 6468
854 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1091
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
1 KB
1 ohiovalleyhospital.org
www.ohiovalleyhospital.org
205 B
59 15
Domain Requested by
31 www.heritagevalley.org www.heritagevalley.org
6 fonts.gstatic.com fonts.googleapis.com
3 tr.snapchat.com sc-static.net
3 5118841.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 tags.w55c.net 1 redirects 5118841.fls.doubleclick.net
2 www.facebook.com www.heritagevalley.org
connect.facebook.net
2 connect.facebook.net www.heritagevalley.org
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.heritagevalley.org
2 www.googletagmanager.com www.heritagevalley.org
www.googletagmanager.com
2 heritagevalley.org 2 redirects
1 cvt.mydas.mobi 5118841.fls.doubleclick.net
1 adservice.google.de 1 redirects
1 adservice.google.com 5118841.fls.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sc-static.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.google.com www.heritagevalley.org
1 fonts.googleapis.com www.heritagevalley.org
1 www.ohiovalleyhospital.org 1 redirects
59 20
Subject Issuer Validity Valid
heritagevalley.org
R3		 2022-12-14 -
2023-03-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-14 -
2023-02-01		 2 months crt.sh

This page contains 5 frames:

Primary Page: https://www.heritagevalley.org/
Frame ID: 99467CE7F60D58AB38E9AF39110C0AAE
Requests: 53 HTTP requests in this frame

Frame: https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: 46598EB7D32D5F61C5BBAAA980165593
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4ce72ccc-880f-4386-866b-1210bbf0a8ef&u_scsid=c65fc4a4-1643-4fa2-aa20-80592270faee&u_sclid=bd30c899-3487-4314-ae30-1d70f16dc3e8
Frame ID: B9F331D4B5F64ACEB7800C34B347A280
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: ADDAB7C4794DB39753E7A99E6C34DB13
Requests: 1 HTTP requests in this frame

Frame: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Frame ID: C6661102D69B4C71B30BDAE2F456C422
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heritage Valley Health System - Uniquely Connected. For Life.

Page URL History Show full URLs

  1. http://www.ohiovalleyhospital.org/ HTTP 301
    http://heritagevalley.org/ HTTP 301
    https://heritagevalley.org/ HTTP 301
    https://www.heritagevalley.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

97 %
HTTPS

68 %
IPv6

15
Domains

20
Subdomains

17
IPs

5
Countries

5423 kB
Transfer

6744 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ohiovalleyhospital.org/ HTTP 301
    http://heritagevalley.org/ HTTP 301
    https://heritagevalley.org/ HTTP 301
    https://www.heritagevalley.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://5118841.fls.doubleclick.net/activityi;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F HTTP 302
  • https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Request Chain 54
  • https://adservice.google.de/ddm/fls/i/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F HTTP 302
  • https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Request Chain 56
  • https://tags.w55c.net/rs?id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing HTTP 302
  • https://tags.w55c.net/rs?sccid=ea5a106f-721f-694b-5a91-e81549f84ccc&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heritagevalley.org/
Redirect Chain
  • http://www.ohiovalleyhospital.org/
  • http://heritagevalley.org/
  • https://heritagevalley.org/
  • https://www.heritagevalley.org/
168 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
59f6ff65dc001ae2bd155bab4b50ec05d687539b2c44bb5571db0eeff8b3af77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
37133
content-type
text/html; charset=UTF-8
date
Mon, 26 Dec 2022 01:00:41 GMT
expires
Mon, 26 Dec 2022 01:00:40 GMT
link
<https://www.heritagevalley.org/wp-json/>; rel="https://api.w.org/", <https://www.heritagevalley.org/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://www.heritagevalley.org/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
MISS
x-tec-api-origin
https://www.heritagevalley.org
x-tec-api-root
https://www.heritagevalley.org/wp-json/tribe/events/v1/
x-tec-api-version
v1

Redirect headers

age
14405
cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Dec 2022 01:00:40 GMT
expires
Sun, 25 Dec 2022 22:00:34 GMT
location
https://www.heritagevalley.org/
server
nginx
x-cache
HIT
x-redirect-by
WordPress
style.min.css
www.heritagevalley.org/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 20:12:41 GMT
server
nginx
etag
W/"62e98539-15b64"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
style.css
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/css/style.css?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
2482c78f63244feb1c68183c888ee9f1705b0e48b798faa197575a6a89bddcc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-4b9a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caba3618d33a0b8223691d02f63e85e951bb4ffd0f5da0fcc44eaef0dd0858b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 01:00:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 01:00:41 GMT
style.min.css
www.heritagevalley.org/wp-content/themes/boxpress/assets/css/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
6934453a3fabfff63f01680aab4d754d44fbe50938fa5b1347b3bfb93e71a03d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
W/"624eef2e-15f11"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
jquery.min.js
www.heritagevalley.org/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 21:21:23 GMT
server
nginx
etag
W/"6109b353-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.heritagevalley.org/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 21:21:23 GMT
server
nginx
etag
W/"6109b353-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
GettyImages-1183657318-Small-scaled.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/GettyImages-1183657318-Small-scaled.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
7a31386fdc14ca3f63c87c77d02fb6d5d426f9dd58830d06bb5b4440e8b49e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Tue, 08 Mar 2022 20:58:04 GMT
server
nginx
etag
"6227c35c-5b736"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
374582
2022-Social-Card-Facebook-1200x630-1.jpg
www.heritagevalley.org/wp-content/uploads/2022/11/ 		429 KB
430 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/11/2022-Social-Card-Facebook-1200x630-1.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
8f6168c2a2fa4941c9bbd6a1cc9868b3671b6b1a664370eac506302dbbc84c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Tue, 22 Nov 2022 17:21:13 GMT
server
nginx
etag
"637d0509-6b463"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
439395
Covid-scaled.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		529 KB
530 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/Covid-scaled.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
6d65d871712dfaef97e9c0213372666348bd8a35e2321851885e65d406e79151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Tue, 08 Mar 2022 20:19:49 GMT
server
nginx
etag
"6227ba65-84350"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
541520
GettyImages-163752654.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/GettyImages-163752654.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
8709e43e29b83d4aea33eef70bf66b91c1c565bd9049bddcde590ad8ada328d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Wed, 30 Mar 2022 17:58:23 GMT
server
nginx
etag
"62449a3f-13fa15"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1309205
IMG_4214-scaled-e1649944082458.jpg
www.heritagevalley.org/wp-content/uploads/2020/10/ 		515 KB
516 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2020/10/IMG_4214-scaled-e1649944082458.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e445d9d1b9272eab38d3e20b02cc80a2e5449e8c22b086016cb628bdbd92e660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Thu, 14 Apr 2022 13:48:02 GMT
server
nginx
etag
"62582612-80dd2"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
527826
Bedi-M-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/03/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/03/Bedi-M-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
4c85c972291d5d105fb727127076bc1c7ede6695012a963d3ac6dabec5a429aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Thu, 10 Mar 2022 17:58:53 GMT
server
nginx
etag
"622a3c5d-17b37"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
97079
Cheng-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Cheng-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e264344709ffad08486d65fc663ff2aa0faf7adc85731d98608cb51ea552c4b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Tue, 02 Aug 2022 16:03:54 GMT
server
nginx
etag
"62e94aea-1ef4d"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
126797
Cherian-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/06/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/06/Cherian-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
a5a31d3d8d8104a65f41a3152363a59c72bb19c0320dff603b8ff9afdd8165a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Wed, 29 Jun 2022 13:51:38 GMT
server
nginx
etag
"62bc58ea-125f3"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
75251
Kolibash-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Kolibash-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
61f3418768601f93b4e586a3cceee96e48be8cd1b4988dd86c2357a700c47e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
last-modified
Tue, 02 Aug 2022 16:04:55 GMT
server
nginx
etag
"62e94b27-18e58"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
101976
Ladani-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/09/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/09/Ladani-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
dd17ff319a8b89f9413876d6ba32cb8bc98e6f31e01998d8417b8b577e13b245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Thu, 01 Sep 2022 16:49:07 GMT
server
nginx
etag
"6310e283-d47a"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54394
McCaffery-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/McCaffery-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
4f6c3999b8d82e89d3bb3204ffd09d0119a8b7e68195ca6349ae37027cccd733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:06:20 GMT
server
nginx
etag
"62e94b7c-13b31"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
80689
Miske-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Miske-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
eaa3c0834688c0bbfcc63ef48969aa1033a3e1522ecd0f507e30aa6b63923c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:13:13 GMT
server
nginx
etag
"62e94d19-fa21"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
64033
Patel-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Patel-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e589a96cdc38a15a6db72b8d17132052502e63817ed609b84ebe95670e3d9bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Thu, 25 Aug 2022 16:38:20 GMT
server
nginx
etag
"6307a57c-caac"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
51884
Ridenour-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Ridenour-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
e08f58dadb18f1990b1b60eb7d3a45516fabeac8f9b48f4a9c260ad4029a7bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:14:45 GMT
server
nginx
etag
"62e94d75-24e13"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
151059
print.min.css
www.heritagevalley.org/wp-content/themes/boxpress/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/print.min.css?ver=1649340206
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
db5acc1c8c888ee8c33d3146fe2b4ab448089432f074670ae78d93451ef9c0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
W/"624eef2e-a0b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
Sanjari-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Sanjari-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
1e2e6f86116a4adee2d52ec06e53ffd717db45efa73adba608e8609f6e58f4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:15:41 GMT
server
nginx
etag
"62e94dad-1777e"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
96126
Tiberio-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Tiberio-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
3d65b1096a44ad858ce08c93446ae2fd09c8477091afdfcbb136ff2c20e6dea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:16:50 GMT
server
nginx
etag
"62e94df2-58642"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
362050
Venet-Dr-Slideshow.jpg
www.heritagevalley.org/wp-content/uploads/2022/08/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2022/08/Venet-Dr-Slideshow.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
0e450c5af5b2b902e16e72353ca566141471ae75f2045e2d29256d7a113f65d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 02 Aug 2022 16:17:35 GMT
server
nginx
etag
"62e94e1f-10146"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65862
home-block-careers-bkg.jpg
www.heritagevalley.org/wp-content/uploads/2020/05/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/uploads/2020/05/home-block-careers-bkg.jpg
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
dc8674a75b098e04a8f1e0809649ac9ad518f857a03dcfbd43467474493c881c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Tue, 20 Oct 2020 15:32:53 GMT
server
nginx
etag
"5f8f0325-3cc33"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
248883
ctct-plugin-recaptcha-v2.min.js
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ctct-plugin-recaptcha-v2.min.js?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
8bf36225d6afa995aede0e9b4594d929b8ed7f021175614f112e5927aa30419a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-695"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		910 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderReCaptcha&render=explicit&ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d63fe2fa82e825892cec8c2558491540138765a5cb8233e12e7f2dab992ed7b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
573
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2022 01:00:41 GMT
ctct-plugin-frontend.min.js
www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/plugins/constant-contact-forms/assets/js/ctct-plugin-frontend.min.js?ver=1.13.0
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
57094990a5724535c6697a73c46c0828cf57c9cd3d47b2377a3d9784f130f1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 13:11:24 GMT
server
nginx
etag
W/"628b87fc-1062"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
site.min.js
www.heritagevalley.org/wp-content/themes/boxpress/assets/js/build/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/js/build/site.min.js?ver=1649340207
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
31f78ed76f3dded737d238c902d43a9193c688439dcfcaa64c761a346171d7b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:03:27 GMT
server
nginx
etag
W/"624eef2f-261a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8f5c10d05be184823ac2ec25811db179835c6c0c5cf1dbd8914267c4fd977af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80444
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Dec 2022 01:00:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:14:53 GMT
x-content-type-options
nosniff
age
215148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 13:14:53 GMT
large-arrow-right.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/ 		259 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/large-arrow-right.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
31222968e48f9e47c8de3f042dd08097ceb92e08d095eb9ff0613abba330c6be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-103"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
259
footer-bkg@2x.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/backgrounds/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/backgrounds/footer-bkg@2x.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
aff4e867219ceae3e1802efa5658370b5d37e46c135c361eddc7d1c05de5ae0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-30cd"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12493
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:09:29 GMT
x-content-type-options
nosniff
age
244272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 05:09:29 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 08:47:15 GMT
x-content-type-options
nosniff
age
231206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27976
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 08:47:15 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:13:18 GMT
x-content-type-options
nosniff
age
460043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 17:13:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:10:25 GMT
x-content-type-options
nosniff
age
363016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:10:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderReCaptcha&render=explicit&ver=1.13.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heritagevalley.org/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 00:11:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 23:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4197
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 26 Dec 2022 01:50:44 GMT
activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
5118841.fls.doubleclick.net/ Frame 4659
Redirect Chain
  • https://5118841.fls.doubleclick.net/activityi;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
  • https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww....
487 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
89c4f099eb8a812b1fbfbbc14a5d71aeda1a69897d16a5d25f4694b9d1d6b4d6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heritagevalley.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
260
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 01:00:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 01:00:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
scevent.min.js
sc-static.net/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13268
x-amz-cf-id
Bsy0YI19lLmTJ67E0JIuygEKEKj1JJAq205HKzyO0pDYZz5s9QHPcw==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 26 Dec 2022 01:00:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
f1QmsIi0zYZZQNcOIsLIjRkjuDLCr5iXXOJ4bkkdwC1aKrlgf6ElTuQqYxJYQnukvirJfK8TaxWMyf50VOEuqg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B7PDX6QBWS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM6ZBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
643c13b51c3e1516148b7a424eab0ac4c3c286e14f30410d26508c31080b2d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76343
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Dec 2022 01:00:41 GMT
430909190736370
connect.facebook.net/signals/config/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/430909190736370?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d15a82006c3d71bc8005cce2492ba6556b605fb16ac24c33b5b27892fb9f332
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 26 Dec 2022 01:00:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/OsidxZQG+q10jVbxWJTHPQ6V1bGd3Gb34J9X8QxXy8V9PE5fd3Dv4lBLB3FRJdvqEyKYf40u8+AYH5k4iW7gA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
i
tr.snapchat.com/cm/ Frame B9F3 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=4ce72ccc-880f-4386-866b-1210bbf0a8ef&u_scsid=c65fc4a4-1643-4fa2-aa20-80592270faee&u_sclid=bd30c899-3487-4314-ae30-1d70f16dc3e8
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 26 Dec 2022 01:00:42 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
4ce72ccc-880f-4386-866b-1210bbf0a8ef.js
tr.snapchat.com/config/org/ 		144 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/org/4ce72ccc-880f-4386-866b-1210bbf0a8ef.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
a09ba389d76ac04b3802a46c8f317bd0b82265fbcce6819260ace0b4831f19dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.heritagevalley.org
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-50003668-1&cid=1847996664.1672016442&jid=1240033340&gjid=161547635&_gid=713736043.1672016442&_u=YGBAgEABAAAAAEAAI~&z=646783949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 26 Dec 2022 01:00:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2043102330&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&ul=en-us&de=UTF-8&dt=Heritage%20Valley%20Health%20System%20-%20Uniquely%20Connected.%20For%20Life.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1240033340&gjid=161547635&cid=1847996664.1672016442&tid=UA-50003668-1&_gid=713736043.1672016442&gtm=2wgbu0MM6ZBP&z=1924397531
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80291
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ 		68 B
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
collect
region1.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B7PDX6QBWS&gtm=2oebu0&_p=2043102330&cid=1847996664.1672016442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672016442&sct=1&seg=0&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&dt=Heritage%20Valley%20Health%20System%20-%20Uniquely%20Connected.%20For%20Life.&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B7PDX6QBWS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 01:00:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heritagevalley.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=430909190736370&ev=PageView&dl=https%3A%2F%2Fwww.heritagevalley.org%2F&rl=&if=false&ts=1672016442095&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1672016442092.1498321381&it=1672016441893&coo=false&rqm=GET
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 26 Dec 2022 01:00:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
adservice.google.com/ddm/fls/i/ Frame ADDA 		486 B
727 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/activityi;dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae0640409ca7fde935727c3375eeb47bf86c64a61e77b19fe05d7694e508ab6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5118841.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
260
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 01:00:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
home-arrow-left.png
www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/ 		617 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/img/dist/icons/home-arrow-left.png
Requested by
Host: www.heritagevalley.org
URL: https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.93.197.2 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
722501.cloudwaysapps.com
Software
nginx /
Resource Hash
b9ae663ffcdb8415ba25ad6f820ba6b0aaca62aceb90246df2629515db6b4dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heritagevalley.org/wp-content/themes/boxpress/assets/css/style.min.css?ver=1649340206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:00:42 GMT
last-modified
Thu, 07 Apr 2022 14:03:26 GMT
server
nginx
etag
"624eef2e-269"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
617
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C500%2C700&display=swap&ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heritagevalley.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:25:53 GMT
x-content-type-options
nosniff
age
567289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:25:53 GMT
dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
5118841.fls.doubleclick.net/ddm/fls/r/ Frame C666
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritage...
  • https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww....
384 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
5e2f8d3cd0bb39417d59f8d588c3393ee97199690af27bf9b40e0947d8f4f57f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
181
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 01:00:42 GMT
expires
Mon, 26 Dec 2022 01:00:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 01:00:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heritagevalley.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary2gMNkKWHp5yMFbPT

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 26 Dec 2022 01:00:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
https://www.heritagevalley.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=1
rs
tags.w55c.net/ Frame C666
Redirect Chain
  • https://tags.w55c.net/rs?id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
  • https://tags.w55c.net/rs?sccid=ea5a106f-721f-694b-5a91-e81549f84ccc&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=ea5a106f-721f-694b-5a91-e81549f84ccc&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
HTTP/1.1
Server
3.126.34.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-34-117.eu-central-1.compute.amazonaws.com
Software
Retargeting/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0e252bea97934d44f@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5118841.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 01:00:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0e252bea97934d44f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 01:00:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://tags.w55c.net/rs?sccid=ea5a106f-721f-694b-5a91-e81549f84ccc&scc=1&id=5d8a801a4caa4a7f9d2363efeda8866d&t=marketing
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
handleConversion
cvt.mydas.mobi/ Frame C666 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvt.mydas.mobi/handleConversion?goalId=55619
Requested by
Host: 5118841.fls.doubleclick.net
URL: https://5118841.fls.doubleclick.net/ddm/fls/r/dc_pre=CK6L1dCKlvwCFdOQ1Qodta8MRw;src=5118841;type=hvhsh0;cat=hvhsh0;ord=1130546347875;gtm=2wgbu0;auiddc=1896171957.1672016442;~oref=https%3A%2F%2Fwww.heritagevalley.org%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5118841.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| dataLayer object| tribe_l10n_datatables function| ctctEnableBtn function| ctctDisableBtn function| renderReCaptcha object| CTCTSupport function| storageAvailable function| tns object| MicroModal object| Popper object| ProgressBar function| tippy number| tnsId object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| tr function| snaptr function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| recaptcha function| onYouTubeIframeAPIReady

13 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.heritagevalley.org/ Name: _gcl_au
Value: 1.1.1896171957.1672016442
.heritagevalley.org/ Name: _schn
Value: _9rzzpb
.heritagevalley.org/ Name: _scid
Value: 4165d395-56c2-4ac4-b4b9-eae887bb334f
.heritagevalley.org/ Name: _gid
Value: GA1.2.713736043.1672016442
.heritagevalley.org/ Name: _dc_gtm_UA-50003668-1
Value: 1
.heritagevalley.org/ Name: _ga_B7PDX6QBWS
Value: GS1.1.1672016442.1.0.1672016442.0.0.0
.heritagevalley.org/ Name: _ga
Value: GA1.1.1847996664.1672016442
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQgCZMOacd6xUcP7tfBW6W1V40NGVH37ZONSR3kjNRT3oUkOM/6bjz3TIAAAA=
.heritagevalley.org/ Name: _fbp
Value: fb.1.1672016442092.1498321381
.doubleclick.net/ Name: IDE
Value: AHWqTUncLbmDT0HvYVqknnEXRoK6y8gGWb0iAACrM_S7wM0zXNanELPOE9eAm_j7ab4
.w55c.net/ Name: wfivefivec
Value: zv1dcvJe1P9BR82
.mydas.mobi/ Name: A3
Value: d=AQABBDryqGMCEEgKej1ZjVTZbUbaWiYjGf4&S=AQAAArp2UEks8ylzuYeFLxvD1x0

1 Console Messages

Source Level URL
Text
network error URL: https://cvt.mydas.mobi/handleConversion?goalId=55619
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5118841.fls.doubleclick.net
adservice.google.com
adservice.google.de
connect.facebook.net
cvt.mydas.mobi
fonts.googleapis.com
fonts.gstatic.com
heritagevalley.org
region1.google-analytics.com
sc-static.net
stats.g.doubleclick.net
tags.w55c.net
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.heritagevalley.org
www.ohiovalleyhospital.org
142.93.197.2
143.204.207.250
172.217.16.198
2001:4860:4802:32::178
2001:4860:4802:32::36
205.178.189.131
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:400d:803::2002
2a00:1450:400d:803::2008
2a00:1450:4025:401::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.34.117
35.190.43.134
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e450c5af5b2b902e16e72353ca566141471ae75f2045e2d29256d7a113f65d5
1e2e6f86116a4adee2d52ec06e53ffd717db45efa73adba608e8609f6e58f4cb
2482c78f63244feb1c68183c888ee9f1705b0e48b798faa197575a6a89bddcc8
31222968e48f9e47c8de3f042dd08097ceb92e08d095eb9ff0613abba330c6be
31f78ed76f3dded737d238c902d43a9193c688439dcfcaa64c761a346171d7b5
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3d65b1096a44ad858ce08c93446ae2fd09c8477091afdfcbb136ff2c20e6dea3
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b
4c85c972291d5d105fb727127076bc1c7ede6695012a963d3ac6dabec5a429aa
4f6c3999b8d82e89d3bb3204ffd09d0119a8b7e68195ca6349ae37027cccd733
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57094990a5724535c6697a73c46c0828cf57c9cd3d47b2377a3d9784f130f1b0
59f6ff65dc001ae2bd155bab4b50ec05d687539b2c44bb5571db0eeff8b3af77
5e2f8d3cd0bb39417d59f8d588c3393ee97199690af27bf9b40e0947d8f4f57f
61f3418768601f93b4e586a3cceee96e48be8cd1b4988dd86c2357a700c47e35
643c13b51c3e1516148b7a424eab0ac4c3c286e14f30410d26508c31080b2d2f
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6934453a3fabfff63f01680aab4d754d44fbe50938fa5b1347b3bfb93e71a03d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d15a82006c3d71bc8005cce2492ba6556b605fb16ac24c33b5b27892fb9f332
6d65d871712dfaef97e9c0213372666348bd8a35e2321851885e65d406e79151
7a31386fdc14ca3f63c87c77d02fb6d5d426f9dd58830d06bb5b4440e8b49e91
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8709e43e29b83d4aea33eef70bf66b91c1c565bd9049bddcde590ad8ada328d1
89c4f099eb8a812b1fbfbbc14a5d71aeda1a69897d16a5d25f4694b9d1d6b4d6
8bf36225d6afa995aede0e9b4594d929b8ed7f021175614f112e5927aa30419a
8f6168c2a2fa4941c9bbd6a1cc9868b3671b6b1a664370eac506302dbbc84c6c
a09ba389d76ac04b3802a46c8f317bd0b82265fbcce6819260ace0b4831f19dc
a5a31d3d8d8104a65f41a3152363a59c72bb19c0320dff603b8ff9afdd8165a2
ae0640409ca7fde935727c3375eeb47bf86c64a61e77b19fe05d7694e508ab6f
aff4e867219ceae3e1802efa5658370b5d37e46c135c361eddc7d1c05de5ae0c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9ae663ffcdb8415ba25ad6f820ba6b0aaca62aceb90246df2629515db6b4dc5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
caba3618d33a0b8223691d02f63e85e951bb4ffd0f5da0fcc44eaef0dd0858b9
d63fe2fa82e825892cec8c2558491540138765a5cb8233e12e7f2dab992ed7b5
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db5acc1c8c888ee8c33d3146fe2b4ab448089432f074670ae78d93451ef9c0f2
dc8674a75b098e04a8f1e0809649ac9ad518f857a03dcfbd43467474493c881c
dd17ff319a8b89f9413876d6ba32cb8bc98e6f31e01998d8417b8b577e13b245
e08f58dadb18f1990b1b60eb7d3a45516fabeac8f9b48f4a9c260ad4029a7bdc
e264344709ffad08486d65fc663ff2aa0faf7adc85731d98608cb51ea552c4b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445d9d1b9272eab38d3e20b02cc80a2e5449e8c22b086016cb628bdbd92e660
e589a96cdc38a15a6db72b8d17132052502e63817ed609b84ebe95670e3d9bff
e8f5c10d05be184823ac2ec25811db179835c6c0c5cf1dbd8914267c4fd977af
eaa3c0834688c0bbfcc63ef48969aa1033a3e1522ecd0f507e30aa6b63923c55
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615