savingplaces.production.nthp.vigetx.com Open in urlscan Pro
34.236.116.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://savingplaces.production.nthp.vigetx.com/
Submission: On July 15 via automatic, source certstream-suspicious (July 15th 2024, 11:54:37 pm UTC) — Scanned from DE

Summary HTTP 45 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 45 HTTP transactions. The main IP is 34.236.116.142, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is savingplaces.production.nthp.vigetx.com.
TLS certificate: Issued by R11 on July 15th 2024. Valid for: 3 months.

This is the only time savingplaces.production.nthp.vigetx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	34.236.116.142 34.236.116.142	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:206... 2600:9000:206f:1000:1c:9a14:86c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.28.154.160 52.28.154.160	16509 (AMAZON-02) (AMAZON-02)
1	52.48.79.92 52.48.79.92	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:264... 2600:9000:2646:2000:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	3.225.63.64 3.225.63.64	14618 (AMAZON-AES) (AMAZON-AES)
45	19

12 34.236.116.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-116-142.compute-1.amazonaws.com

savingplaces.production.nthp.vigetx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:1000:1c:9a14:86c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.savingplaces.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.154.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-154-160.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.79.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-79-92.eu-west-1.compute.amazonaws.com

api.uxtweak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

12366623.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:2000:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.63.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-63-64.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	vigetx.com savingplaces.production.nthp.vigetx.com	241 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	460 KB
5	savingplaces.org cdn.savingplaces.org	398 KB
4	doubleclick.net 1 redirects 12366623.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461	15 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	393 B
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	uxtweak.com api.uxtweak.com — Cisco Umbrella Rank: 171149	741 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
45	17

	Domain	Requested by
12	savingplaces.production.nthp.vigetx.com	savingplaces.production.nthp.vigetx.com
5	www.googletagmanager.com	savingplaces.production.nthp.vigetx.com www.googletagmanager.com
5	cdn.savingplaces.org	savingplaces.production.nthp.vigetx.com
4	tags.srv.stackadapt.com	savingplaces.production.nthp.vigetx.com tags.srv.stackadapt.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com savingplaces.production.nthp.vigetx.com
2	www.facebook.com	savingplaces.production.nthp.vigetx.com
2	12366623.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	unpkg.com	1 redirects savingplaces.production.nthp.vigetx.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	ping.chartbeat.net
1	static.chartbeat.com	savingplaces.production.nthp.vigetx.com
1	www.google.de	savingplaces.production.nthp.vigetx.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	savingplaces.production.nthp.vigetx.com
1	t.co	savingplaces.production.nthp.vigetx.com
1	ad.doubleclick.net	savingplaces.production.nthp.vigetx.com
1	api.uxtweak.com	savingplaces.production.nthp.vigetx.com
1	static.ads-twitter.com	www.googletagmanager.com
45	19

This site contains links to these domains. Also see Links.

Domain
support.savingplaces.org
mainstreet.org
legacy.savingplaces.org
events.savingplaces.org
savingplaces.org
www.facebook.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
savingplaces.production.nthp.vigetx.com R11	`2024-07-15` - `2024-10-13`	3 months	crt.sh
cdn.savingplaces.org Amazon RSA 2048 M02	`2023-12-21` - `2025-01-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-24` - `2024-07-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
api.uxtweak.com Amazon RSA 2048 M02	`2023-11-12` - `2024-12-10`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://savingplaces.production.nthp.vigetx.com/
Frame ID: 80B2C49F506E152AC17AAAF72958675E
Requests: 44 HTTP requests in this frame

Frame: https://12366623.fls.doubleclick.net/activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F
Frame ID: 60CC394A0C0C96A6CA0D8177DCDC9752
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

@SavingPlaces | National Trust for Historic Preservation

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

45
Requests

98 %
HTTPS

53 %
IPv6

17
Domains

19
Subdomains

19
IPs

5
Countries

1235 kB
Transfer

2772 kB
Size

22
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://support.savingplaces.org/page/66750/action/1?frequency=monthly&transaction.othamt1=WF25ZZRDGENC
Title: Donate

Search URL Search Domain Scan URL

URL: https://support.savingplaces.org/page/48486/donate/1?transaction.othamt1=WR25ZZSDLAPC
Title: Renew

Search URL Search Domain Scan URL

URL: https://support.savingplaces.org/page/56820/donate/1?transaction.othamt1=WA25ZZSDPROC
Title: Join

Search URL Search Domain Scan URL

URL: https://mainstreet.org/
Title: Main Street America

Search URL Search Domain Scan URL

URL: https://legacy.savingplaces.org/
Title: Planned Giving

Search URL Search Domain Scan URL

URL: https://events.savingplaces.org/pastforward
Title: <img alt="PastForward 2024" src="https://cdn.savingplaces.org/2024/07/01/01/01/20/182/PF24_NOLA_HP_CARD_Half.webp" loading="lazy"> .st0{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://savingplaces.org/historicrealestate
Title: Historic Real Estate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NationalTrustforHistoricPreservation
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/SavingPlaces
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/savingplaces
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-trust-for-historic-preservation
Title: LinkedIn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

Request Chain 26

https://12366623.fls.doubleclick.net/activityi;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F HTTP 302
https://12366623.fls.doubleclick.net/activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
savingplaces.production.nthp.vigetx.com/ 264 KB
75 KB 324ms
103ms Document
text/html 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-116-142.compute-1.amazonaws.com

Software

nginx + Phusion Passenger(R) 6.0.16 / Phusion Passenger(R) 6.0.16

Resource Hash

d1981fc0715329149ada8c239a56b432e818011b876f0eddd9dfcce676310821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://nthp.maps.arcgis.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 15 Jul 2024 23:54:30 GMT
etag: W/"46f9ec5837deb21e83e16cb9902380ec"
server: nginx + Phusion Passenger(R) 6.0.16
status: 200 OK
strict-transport-security: max-age=31536000 max-age=63072000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: allow-from https://nthp.maps.arcgis.com
x-powered-by: Phusion Passenger(R) 6.0.16
x-request-id: f1b5e2a5-f6d0-4e5f-978d-d426e6f3c295
x-runtime: 0.004443
x-xss-protection: 1; mode=block

GET
H2 200 calendas-plus-regular.woff2
savingplaces.production.nthp.vigetx.com/fonts/ 33 KB
34 KB 289ms
280ms Font
font/woff2 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/fonts/calendas-plus-regular.woff2
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf27183b9f801d9ecc2e23803f80d2f187afafc9ebc248876809c0705b0432c3

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
Origin: https://savingplaces.production.nthp.vigetx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
etag: W/"63cb46b2-859c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *

GET
H2 200 gibson-light.woff2
savingplaces.production.nthp.vigetx.com/fonts/ 32 KB
32 KB 289ms
280ms Font
font/woff2 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/fonts/gibson-light.woff2
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b0fab0c42555a4552556a78d9041196e7287b2ee9e0eeca6e65ed3ad3ae9593d

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
Origin: https://savingplaces.production.nthp.vigetx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
etag: W/"63cb46b2-7e08"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *

GET
H2 200 gibson-semibold.woff2
savingplaces.production.nthp.vigetx.com/fonts/ 33 KB
33 KB 289ms
280ms Font
font/woff2 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/fonts/gibson-semibold.woff2
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a149a6dc97d8269d407f42b4419ea5f37b2dba437f4e51c654590e8f02deb0c8

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
Origin: https://savingplaces.production.nthp.vigetx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
etag: W/"63cb46b2-8564"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *

GET
H2 200 application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
savingplaces.production.nthp.vigetx.com/assets/ 148 KB
25 KB 283ms
274ms Stylesheet
text/css 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 569007a5d025f4caa8243762fbe4b33f307e96b78dfb733981b912b83b7b723b

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Mon, 08 Jul 2024 14:14:08 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
content-length: 25614
expires: Tue, 15 Jul 2025 23:54:31 GMT

GET
H2 200 application-print-aa36071e182f9fbcb53e4bfaf9c9b567464e51b48363c4b7167705ce3814b85b.css
savingplaces.production.nthp.vigetx.com/assets/ 4 KB
2 KB 100ms
100ms Stylesheet
text/css 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/assets/application-print-aa36071e182f9fbcb53e4bfaf9c9b567464e51b48363c4b7167705ce3814b85b.css
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: aa36071e182f9fbcb53e4bfaf9c9b567464e51b48363c4b7167705ce3814b85b

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Mon, 13 Mar 2023 13:09:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
content-length: 1627
expires: Tue, 15 Jul 2025 23:54:31 GMT

GET
H2 200 Route66_033_cr_KellyParas_HERO.webp
cdn.savingplaces.org/2024/06/28/11/34/00/811/ 207 KB
207 KB 501ms
430ms Image
application/octet-stream 2600:9000:206f:1000:1c:9a14:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.savingplaces.org/2024/06/28/11/34/00/811/Route66_033_cr_KellyParas_HERO.webp
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:1c:9a14:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad43348815691f20283a9117b9e8b5394224bd4500d32e450eee15c1ceaface9

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:32 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2024 15:34:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "7a545bb3aee6dccd5aa0d8369fce511d"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
x-amz-meta-json: {"name":"Route66_033_cr_KellyParas_HERO.webp","model_class":"Photo","model_attachment":"image","format":"webp","mime_type":null}
accept-ranges: bytes
content-length: 211512
x-amz-cf-id: wJ6yrADr3W4EDT9unZAwUralrzR9AOf9hmvKdD6f6r_n07svxKrHdA==

GET
H2 200 application-ce1cd4fccede54dfaa99e64695e387b9172c780a3d43f7d00dde83f759c276e5.js Show response
savingplaces.production.nthp.vigetx.com/assets/ 8 KB
3 KB 191ms
191ms Script
application/javascript 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/assets/application-ce1cd4fccede54dfaa99e64695e387b9172c780a3d43f7d00dde83f759c276e5.js
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ce1cd4fccede54dfaa99e64695e387b9172c780a3d43f7d00dde83f759c276e5

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 13:56:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
content-length: 3033
expires: Tue, 15 Jul 2025 23:54:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
111 KB 78ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e024aa987a21b2a2f5f7a75734608bc9556e5f6b5c32f643b82dba0aa9c7fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112938
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 22:56:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jul 2024 23:54:31 GMT

GET
H2 200 nearby_places Show response
savingplaces.production.nthp.vigetx.com/ 11 KB
2 KB 145ms
144ms XHR
text/html 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://savingplaces.production.nthp.vigetx.com/nearby_places

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-116-142.compute-1.amazonaws.com

Software

nginx + Phusion Passenger(R) 6.0.16 / Phusion Passenger(R) 6.0.16

Resource Hash

feab57a9e5e5088b4dc09ce802446a8d87840d4b4e1205f8f89198e578703c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://nthp.maps.arcgis.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.044115
strict-transport-security: max-age=31536000, max-age=63072000; preload
date: Mon, 15 Jul 2024 23:54:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: nginx + Phusion Passenger(R) 6.0.16
etag: W/"7514bf43af061a9a8f50f5b2be125bd6"
x-powered-by: Phusion Passenger(R) 6.0.16
vary: Accept-Encoding
x-frame-options: allow-from https://nthp.maps.arcgis.com
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 1a72cfc8-b9a3-4c62-86f6-27492c8d5598

GET
H2 200 loader-58a1a7504433c250b15bc8d03e634b08e5e44ad7701b38501100ee4592bfcbee.gif
savingplaces.production.nthp.vigetx.com/assets/home/ 7 KB
7 KB 102ms
102ms Image
image/gif 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingplaces.production.nthp.vigetx.com/assets/home/loader-58a1a7504433c250b15bc8d03e634b08e5e44ad7701b38501100ee4592bfcbee.gif
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 58a1a7504433c250b15bc8d03e634b08e5e44ad7701b38501100ee4592bfcbee

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 6820
expires: Tue, 15 Jul 2025 23:54:31 GMT

GET
H2 200 wave-loose-light-blue-4c9bc5d2774c1bb0e5223b1df0334e89d23207a0cb61134e096fad13084162ea.svg
savingplaces.production.nthp.vigetx.com/assets/ 183 B
356 B 102ms
102ms Image
image/svg+xml 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingplaces.production.nthp.vigetx.com/assets/wave-loose-light-blue-4c9bc5d2774c1bb0e5223b1df0334e89d23207a0cb61134e096fad13084162ea.svg
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4c9bc5d2774c1bb0e5223b1df0334e89d23207a0cb61134e096fad13084162ea

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-length: 164
expires: Tue, 15 Jul 2025 23:54:31 GMT

GET
H2 200 range-mono-regular.woff2
savingplaces.production.nthp.vigetx.com/fonts/ 24 KB
24 KB 102ms
102ms Font
font/woff2 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingplaces.production.nthp.vigetx.com/fonts/range-mono-regular.woff2
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-116-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 655dad10c1b4fcd367299ead416869c1dc8a399c1da648cda7ca7a9aa118fc5a

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/assets/application-16083a760cea09878050543623e69e90f6dc1f9eb352fe9e1a0b8fd45024c97e.css
Origin: https://savingplaces.production.nthp.vigetx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 01:58:10 GMT
server: nginx
etag: W/"63cb46b2-611c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *

GET
H2 200 05_eFullCard_MainStreetDeadwood.webp
cdn.savingplaces.org/2023/06/22/16/47/08/574/ 56 KB
56 KB 407ms
406ms Image
application/octet-stream 2600:9000:206f:1000:1c:9a14:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.savingplaces.org/2023/06/22/16/47/08/574/05_eFullCard_MainStreetDeadwood.webp
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:1c:9a14:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa237e7c877d0b075f069086189e371a18b3e5045d4194176095f2a79cfb5c13

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:32 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 20:47:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "03f93013b7db8592500e344ad6a5c007"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
x-amz-meta-json: {"name":"05_eFullCard_MainStreetDeadwood.webp","model_class":"Photo","model_attachment":"image","format":"webp","mime_type":null}
accept-ranges: bytes
content-length: 57002
x-amz-cf-id: U1qkd65ScxVHITTUxYgRfx0-lXmvxQcqr0YBudL-ZNwgX68W01k9iQ==

GET
H2 200 PF24_NOLA_HP_CARD_Half.webp
cdn.savingplaces.org/2024/06/27/12/18/03/475/ 7 KB
7 KB 403ms
402ms Image
application/octet-stream 2600:9000:206f:1000:1c:9a14:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.savingplaces.org/2024/06/27/12/18/03/475/PF24_NOLA_HP_CARD_Half.webp
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:1c:9a14:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4113998697625677a79327e5d266100b35a37d786146144ad44de3167f45df7

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:32 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 16:18:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "7514ef2af7822ca299c5c7fa9b59c470"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
x-amz-meta-json: {"name":"PF24_NOLA_HP_CARD_Half.webp","model_class":"Photo","model_attachment":"image","format":"webp","mime_type":null}
accept-ranges: bytes
content-length: 7044
x-amz-cf-id: hcnlnNsyifefkhkABFeQcEe7pBT6sjFhZnNMen3YGpq6tQftPOpb9A==

GET
H2 200 SP24_Chinatown_NYC_crMoDaoud-CARD.webp
cdn.savingplaces.org/2024/05/01/14/13/38/741/ 77 KB
78 KB 413ms
413ms Image
application/octet-stream 2600:9000:206f:1000:1c:9a14:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.savingplaces.org/2024/05/01/14/13/38/741/SP24_Chinatown_NYC_crMoDaoud-CARD.webp
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:1c:9a14:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc74bd6610f9d2f493cdfdd7ec3773def4c0f8db0a803ddab4308ba5f5ddbbb5

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:32 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Wed, 01 May 2024 18:13:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "318882e26b1784fbc585593c389a1313"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
x-amz-meta-json: {"name":"SP24_Chinatown_NYC_crMoDaoud-CARD.webp","model_class":"Photo","model_attachment":"image","format":"webp","mime_type":null}
accept-ranges: bytes
content-length: 78864
x-amz-cf-id: R3GxQb81QHnkd8j33oTQ1UKpB62ZZGvgdZNZhEbh_3fds20Cz9MIDQ==

GET
H2 200 Lyndhurst_0250-HDR-Pano2_crCliffordPickett_mr.webp
cdn.savingplaces.org/2023/03/13/09/10/26/293/ 49 KB
49 KB 413ms
413ms Image
application/octet-stream 2600:9000:206f:1000:1c:9a14:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.savingplaces.org/2023/03/13/09/10/26/293/Lyndhurst_0250-HDR-Pano2_crCliffordPickett_mr.webp
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:1c:9a14:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc94e9b2ca35fdd5b872aaa72080f1533789d9168290b5b0093d885abb5dac

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:32 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 13:10:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "dfee6631bd6da9a9d26f561d11d28496"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
x-amz-meta-json: {"name":"Lyndhurst_0250-HDR-Pano2_crCliffordPickett_mr.webp","model_class":"Photo","model_attachment":"image","format":"webp","mime_type":null}
accept-ranges: bytes
content-length: 50036
x-amz-cf-id: CR8Xc5qwwBWTRX6STPFswr1YMJ5Uft0d3oXDOB4McbPS7-my6bnOuA==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 112ms
58ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 15 Jul 2024 23:54:30 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 674DF3615DD14D049A7EA757E9525C08 Ref B: FRAEDGE1407 Ref C: 2024-07-15T23:54:31Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jul 2024 23:54:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: ghErSiSxGg6UdJtRMY9valJ0quEdEJ0pghL2xSBR1rgi9X5/gKXcp7LRYGKM0DUvSZWewWnX9Zav11moCURE/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 45ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230158-FRA

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.1/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

7 KB
3 KB

21ms
19ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1309464
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J1NC9S42WMVRE2QHZX1CCXRJ-fra
server: cloudflare
etag: "1c0c-hOpjVE2mSiNVJWsLrpc64ergTOY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a3dad9a89072c42-FRA

Redirect headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J2WCVFVNBMPC57W56D1TTGJS-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 261
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@4.2.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8a3dad9a68ef2c42-FRA

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12366623&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ddb878c1d9e7082ffb60bec5e8bf8fb5882e3423bc29ae3cc845aced2a7f27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77989
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 22:56:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jul 2024 23:54:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-988050808&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9303a9e2fb454e9bc1aa8893ef150ac02b9c29ec50873a3682dd528702fae23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86769
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 22:56:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jul 2024 23:54:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
86 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1037843218&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

697c2f3da32ea41c76560e57bd6b1fbaf977fa9eea2e3f06563113c9617f7756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87749
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 22:56:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jul 2024 23:54:31 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 135ms
107ms Script
text/javascript 52.28.154.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.154.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fa5cc62f4845a4c6575690744f3772f3d076cf89d18fe9b6183c4b4741cfb7d1

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Jul 2024 23:54:31 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

POST
H2 200 f060c2ff-831d-4523-ad6f-621d4fb45763 Show response
api.uxtweak.com/snippet/ 2 B
741 B 155ms
40ms XHR
application/json 52.48.79.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.uxtweak.com/snippet/f060c2ff-831d-4523-ad6f-621d4fb45763

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.79.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-79-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https://recruit.uxtweak.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://recruit.uxtweak.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-security-policy: default-src * 'unsafe-inline'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https://recruit.uxtweak.com;
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOW-FROM https://recruit.uxtweak.com
content-type: application/json; charset=utf-8
access-control-allow-origin: https://savingplaces.production.nthp.vigetx.com
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
102 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0Y4H4RFKN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZ5FZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c11f4d3b4eff4408f17ac4406bf1b64eaff0e431a7581412e6ae9f5e5028194c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jul 2024 23:54:31 GMT

GET
H2

200

activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
12366623.fls.doubleclick.net/ Frame 60CC
Redirect Chain

https://12366623.fls.doubleclick.net/activityi;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://12366623.fls.doubleclick.net/activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;ua...

0
0

82ms
81ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12366623.fls.doubleclick.net/activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12366623&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 23:54:31 GMT
expires: Mon, 15 Jul 2024 23:54:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 23:54:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12366623.fls.doubleclick.net/activityi;dc_pre=CNfUqZqfqocDFUpGkQUdqb4JZw;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 0
23 B 80ms
44ms Image
image/png 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12366623;type=remar0;cat=websi0;ord=1;num=348986753090;npa=1;auiddc=1202362093.1721087671;ps=1;pcor=933203524;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9190899351z86574497za201zb6574497;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F?

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 23:54:31 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3370593496481092671"}],"aggregatable_trigger_data":[{"filters":[{"14":["13134814"]}],"key_piece":"0x297c84cb8baeea05","source_keys":["12","13","14","15","16","17","18","19","20","21","14961212","14961213","14961214","14961215","628761788","628761789","628761790","628761791","638135380","638135381","638135382","638135383"]},{"key_piece":"0xe3d11187edaa8f72","not_filters":{"14":["13134814"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","14961212","14961213","14961214","14961215","628761788","628761789","628761790","628761791","638135380","638135381","638135382","638135383"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"14961212":655,"14961213":655,"14961214":655,"14961215":63569,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628761788":65,"628761789":65,"628761790":65,"628761791":6356,"638135380":218,"638135381":218,"638135382":218,"638135383":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"11844164579033983313","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3370593496481092671","filters":[{"14":["13134814"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3370593496481092671","filters":[{"14":["13134814"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3370593496481092671","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3370593496481092671","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12366623"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 156ms
126ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6844e7db-dc52-475c-81b8-c5b2b2fd60cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e29a15bd-ee2b-4433-a5a8-4083beff3796&tw_document_href=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nze8g&type=javascript&version=2.3.30

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 15 Jul 2024 23:54:31 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c53dd4404ea98a28
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 1bedc98a33b13130e01bb11ee1422b5fd077aa8fb7f5d58c0df0fc63b0c7954a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 260ms
208ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6844e7db-dc52-475c-81b8-c5b2b2fd60cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e29a15bd-ee2b-4433-a5a8-4083beff3796&tw_document_href=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nze8g&type=javascript&version=2.3.30

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 190
date: Mon, 15 Jul 2024 23:54:30 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: d5166bbfa059de82
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: fee68b7d53c10762357147e7800629fa6eced8d5d8eb8824c4cc3ccc7eba51c1
content-length: 43

GET
H2 200 1006268026158193 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 141ms
141ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1006268026158193?v=2.9.161&r=stable&domain=savingplaces.production.nthp.vigetx.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f44ea0fcc3fd7a1a9c42dc29dac7d7269b3ded7b1e0ff957242b1f71df146f15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jul 2024 23:54:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=64, mss=1328, tbw=64174, tp=-1, tpl=-1, uplat=117, ullat=0
pragma: public
x-fb-debug: ba8hO0mwcjJJz1XJLan/Eo3U83grJWcjJJzcDhVK0uR7vWIiehOVHuCM/MlKUd+1qYZtX/8gHT+1LxXC8xPHWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 52ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Z0Y4H4RFKN&gtm=45je4790v872264017z86574497za200zb6574497&_p=1721087671259&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1601585364.1721087672&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721087671&sct=1&seg=0&dl=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&dt=%40SavingPlaces%20%7C%20National%20Trust%20for%20Historic%20Preservation&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=912&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0Y4H4RFKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 23:54:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savingplaces.production.nthp.vigetx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
271 B 77ms
23ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z0Y4H4RFKN&cid=1601585364.1721087672&gtm=45je4790v872264017z86574497za200zb6574497&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0Y4H4RFKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 23:54:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savingplaces.production.nthp.vigetx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
22ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z0Y4H4RFKN&cid=1601585364.1721087672&gtm=45je4790v872264017z86574497za200zb6574497&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=1779679897

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 23:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26339499.js Show response
bat.bing.com/p/action/ 334 B
415 B 39ms
39ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26339499.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 15 Jul 2024 23:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70A3F357F5194AB4BA5CDE6577EC303C Ref B: FRAEDGE1407 Ref C: 2024-07-15T23:54:31Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 106ms
105ms Stylesheet
text/css 52.28.154.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.154.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ca10329c91465a57091b3b33c53beaa7c54627c9074b3b8094ffb117643fc8d0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Jul 2024 23:54:31 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 120ms
98ms Fetch
image/jpeg 52.28.154.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.154.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Jul 2024 23:54:31 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 204 0
bat.bing.com/action/ 0
177 B 36ms
35ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26339499&tm=gtm002&Ver=2&mid=1035c089-60d8-4e53-90fa-6aebd2bfabc7&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%40SavingPlaces%20%7C%20National%20Trust%20for%20Historic%20Preservation&p=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&r=&lt=752&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=611315

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 15 Jul 2024 23:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A51703BF3A4F4293B2FD385C143288CA Ref B: FRAEDGE1407 Ref C: 2024-07-15T23:54:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 21ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1006268026158193&ev=PageView&dl=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&rl=&if=false&ts=1721087671685&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721087671684.101853753665328403&ler=empty&cdl=API_unavailable&it=1721087671527&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Jul 2024 23:54:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 189ms
175ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1006268026158193&ev=PageView&dl=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&rl=&if=false&ts=1721087671685&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721087671684.101853753665328403&ler=empty&cdl=API_unavailable&it=1721087671527&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=FGET

Requested by

Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x11e30917a2a14b31","source_keys":["1","2"]},{"key_piece":"0xba4b960ba34620b1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 15 Jul 2024 23:54:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392015260684295910", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1328, tbw=3112, tp=-1, tpl=-1, uplat=167, ullat=0
pragma: no-cache
x-fb-debug: aHF33yBaOWf/MpkrxFYGjeWkuRI+i/k7RJS30mRJGxpeS8ZMRuU3N08fjfYZvP9RyQfGO2PmoDAXE/fWAefWWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392015260684295910"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
304 B 98ms
98ms XHR
text/plain 52.28.154.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=7KG0920UIMx0qtutU5WlBA&is_js=true&landing_url=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&t=%40SavingPlaces%20%7C%20National%20Trust%20for%20Historic%20Preservation&tip=vCp_dNHE2M5Y_dV6xi8fVsXlHCybB84xFEb69mn9tE0&host=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com&sa_conv_data_css_value=%270-d1109c2f-59e9-5b7c-61fc-9a5eb1c2dc02%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9d1109c2f59e95b7c61fc9a5eb1c2dc022d8d984b&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPEkS1ApquhhnI4Kv0xO6haxza_IBHBewIsjPnegBRouENYBGAQgt-3WtAYwAToErI9ciEIE9DzjTA.MHQHO3%252FaXEggKEvKchaJ%252FL1ncStF6PXzrG1PuvECUBo&sa-user-id-v2=s%253A0RCcL1npW3xh_JpescLcAi2NmEs.%252BEa0BZPOdw7tAGki532ZJWFjHrTeLKHFmbM9NccovzI&sa-user-id=s%253A0-d1109c2f-59e9-5b7c-61fc-9a5eb1c2dc02.MCYyDugaqtYVOmMzPBH69YHZJ9YcFGmCJdMQbpmsLao
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.154.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://savingplaces.production.nthp.vigetx.com
date: Mon, 15 Jul 2024 23:54:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 68ms
14ms Script
application/x-javascript 2600:9000:2646:2000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: savingplaces.production.nthp.vigetx.com
URL: https://savingplaces.production.nthp.vigetx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 16:20:20 GMT
content-encoding: gzip
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 27251
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pVAvDqlZo26_2DmkvVNBHG-bTEHMBxfYQ29fRpoDoT7c4gAyQh5mag==
expires: Tue, 16 Jul 2024 16:20:20 GMT

GET
H2 200 favicon-32x32.png
savingplaces.production.nthp.vigetx.com/ 3 KB
3 KB 100ms
99ms Other
image/png 34.236.116.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://savingplaces.production.nthp.vigetx.com/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.236.116.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-116-142.compute-1.amazonaws.com

Software

nginx /

Resource Hash

634b7fd8fd42e5d87afe57ebc1ff689574217d7946c57605d628ad6f6dcd1e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Frame-Options	allow-from https://nthp.maps.arcgis.com

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:54:31 GMT
strict-transport-security: max-age=63072000; preload
last-modified: Mon, 06 May 2024 14:20:38 GMT
server: nginx
etag: "6638e736-b18"
x-frame-options: allow-from https://nthp.maps.arcgis.com
content-type: image/png
accept-ranges: bytes
content-length: 2840

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 314ms
91ms Image
image/gif 3.225.63.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=savingplaces.org&p=%2F&u=DAy6-HDnAv2oCdWzrA&d=savingplaces.production.nthp.vigetx.com&g=64870&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5504&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsavingplaces.production.nthp.vigetx.com%2F&b=1240&t=BUifB6CqzUzPB8Zp3vBLRo0JDOgLbs&V=147&i=%40SavingPlaces%20%7C%20National%20Trust%20for%20Historic%20Preservation&tz=-120&sn=1&sv=bL6cd_ok1ED9Q7rorQpVGB9-1Om&sr=external&sd=1&im=06132c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.63.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-63-64.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://savingplaces.production.nthp.vigetx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 Jul 2024 23:54:32 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vigetx.com/	1970-01-21 00:14:23	Name: _gcl_au Value: 1.1.1202362093.1721087671
savingplaces.production.nthp.vigetx.com/	1969-12-31 23:59:59	Name: _savingplaces_session Value: TFlKZURyc092TklPdW9aVnNBV2kvYkxQWHFRTGRVNTJWUW94eVRQZEo3M2pWQ1RuMk02UWhubG9TSUNUVDN0TkplR0FNNU05a0QrMjVUdnVSNkJKMTBHamtEaHpJTDc1TFZWV1JJcGJLbVhlTlhadHNSSDlpMHY4VEhGRURwOUd2RWcyS3Faa0ZGVmE0WU8vblFPdEFBPT0tLUFWSE1jekV5SUkvQ3E5cWsxNVRyQWc9PQ%3D%3D--ee847cc70a75a479b31cb30f90572fd98db5f5ab
tags.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id Value: s%3A0-d1109c2f-59e9-5b7c-61fc-9a5eb1c2dc02.MCYyDugaqtYVOmMzPBH69YHZJ9YcFGmCJdMQbpmsLao
.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id Value: s%3A0-d1109c2f-59e9-5b7c-61fc-9a5eb1c2dc02.MCYyDugaqtYVOmMzPBH69YHZJ9YcFGmCJdMQbpmsLao
tags.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id-v2 Value: s%3A0RCcL1npW3xh_JpescLcAi2NmEs.%2BEa0BZPOdw7tAGki532ZJWFjHrTeLKHFmbM9NccovzI
.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id-v2 Value: s%3A0RCcL1npW3xh_JpescLcAi2NmEs.%2BEa0BZPOdw7tAGki532ZJWFjHrTeLKHFmbM9NccovzI
tags.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id-v3 Value: s%3AAQAKIPEkS1ApquhhnI4Kv0xO6haxza_IBHBewIsjPnegBRouENYBGAQgt-3WtAYwAToErI9ciEIE9DzjTA.MHQHO3%2FaXEggKEvKchaJ%2FL1ncStF6PXzrG1PuvECUBo
.srv.stackadapt.com/	1970-01-21 06:50:23	Name: sa-user-id-v3 Value: s%3AAQAKIPEkS1ApquhhnI4Kv0xO6haxza_IBHBewIsjPnegBRouENYBGAQgt-3WtAYwAToErI9ciEIE9DzjTA.MHQHO3%2FaXEggKEvKchaJ%2FL1ncStF6PXzrG1PuvECUBo
.vigetx.com/	1970-01-21 07:40:47	Name: _ga_Z0Y4H4RFKN Value: GS1.1.1721087671.1.0.1721087671.60.0.0
.vigetx.com/	1970-01-21 07:40:47	Name: _ga Value: GA1.1.1601585364.1721087672
savingplaces.production.nthp.vigetx.com/	1970-01-21 06:50:23	Name: sa-user-id Value: s%253A0-d1109c2f-59e9-5b7c-61fc-9a5eb1c2dc02.MCYyDugaqtYVOmMzPBH69YHZJ9YcFGmCJdMQbpmsLao
savingplaces.production.nthp.vigetx.com/	1970-01-21 06:50:23	Name: sa-user-id-v2 Value: s%253A0RCcL1npW3xh_JpescLcAi2NmEs.%252BEa0BZPOdw7tAGki532ZJWFjHrTeLKHFmbM9NccovzI
savingplaces.production.nthp.vigetx.com/	1970-01-21 06:50:23	Name: sa-user-id-v3 Value: s%253AAQAKIPEkS1ApquhhnI4Kv0xO6haxza_IBHBewIsjPnegBRouENYBGAQgt-3WtAYwAToErI9ciEIE9DzjTA.MHQHO3%252FaXEggKEvKchaJ%252FL1ncStF6PXzrG1PuvECUBo
.doubleclick.net/	1970-01-20 22:47:59	Name: ar_debug Value: 1
.t.co/	1970-01-21 07:40:47	Name: muc_ads Value: 63d67f25-95ce-4bb6-a091-0fa09179fbc6
.doubleclick.net/	1970-01-21 07:26:23	Name: IDE Value: AHWqTUk2jRiLuT9ONHdN_cSAbHG1Qj2uCs2vXTihlvx2R7VBr1Ystadlxzb-N5hbEEM
.doubleclick.net/	1970-01-21 02:23:59	Name: receive-cookie-deprecation Value: 1
.vigetx.com/	1970-01-21 00:14:23	Name: _fbp Value: fb.1.1721087671684.101853753665328403
.twitter.com/	1970-01-21 07:40:47	Name: personalization_id Value: "v1_WObmmPmGFl9DiMLgG3UboA=="
.vigetx.com/	1970-01-21 07:33:35	Name: _cb Value: DAy6-HDnAv2oCdWzrA
.vigetx.com/	1970-01-21 07:33:35	Name: _chartbeat2 Value: .1721087671950.1721087671950.1.bL6cd_ok1ED9Q7rorQpVGB9-1Om.1
.vigetx.com/	1970-01-20 22:04:49	Name: _cb_svref Value: external

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://nthp.maps.arcgis.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12366623.fls.doubleclick.net
ad.doubleclick.net
analytics.twitter.com
api.uxtweak.com
bat.bing.com
cdn.savingplaces.org
connect.facebook.net
ping.chartbeat.net
region1.analytics.google.com
savingplaces.production.nthp.vigetx.com
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
unpkg.com
www.facebook.com
www.google.de
www.googletagmanager.com
104.244.42.3
142.250.185.166
146.75.120.157
2001:4860:4802:32::36
216.58.212.134
2600:9000:206f:1000:1c:9a14:86c0:93a1
2600:9000:2646:2000:18:1fcd:354:4b41
2606:4700::6811:f6cb
2620:1ec:c11::237
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2008
2a00:1450:400c:c00::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.225.63.64
34.236.116.142
52.28.154.160
52.48.79.92
93.184.221.165
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
4c9bc5d2774c1bb0e5223b1df0334e89d23207a0cb61134e096fad13084162ea
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
569007a5d025f4caa8243762fbe4b33f307e96b78dfb733981b912b83b7b723b
58a1a7504433c250b15bc8d03e634b08e5e44ad7701b38501100ee4592bfcbee
634b7fd8fd42e5d87afe57ebc1ff689574217d7946c57605d628ad6f6dcd1e40
655dad10c1b4fcd367299ead416869c1dc8a399c1da648cda7ca7a9aa118fc5a
697c2f3da32ea41c76560e57bd6b1fbaf977fa9eea2e3f06563113c9617f7756
6ddb878c1d9e7082ffb60bec5e8bf8fb5882e3423bc29ae3cc845aced2a7f27b
8e024aa987a21b2a2f5f7a75734608bc9556e5f6b5c32f643b82dba0aa9c7fff
9303a9e2fb454e9bc1aa8893ef150ac02b9c29ec50873a3682dd528702fae23c
a149a6dc97d8269d407f42b4419ea5f37b2dba437f4e51c654590e8f02deb0c8
aa36071e182f9fbcb53e4bfaf9c9b567464e51b48363c4b7167705ce3814b85b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad43348815691f20283a9117b9e8b5394224bd4500d32e450eee15c1ceaface9
adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd
b0fab0c42555a4552556a78d9041196e7287b2ee9e0eeca6e65ed3ad3ae9593d
c11f4d3b4eff4408f17ac4406bf1b64eaff0e431a7581412e6ae9f5e5028194c
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
ca10329c91465a57091b3b33c53beaa7c54627c9074b3b8094ffb117643fc8d0
ce1cd4fccede54dfaa99e64695e387b9172c780a3d43f7d00dde83f759c276e5
cf27183b9f801d9ecc2e23803f80d2f187afafc9ebc248876809c0705b0432c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1981fc0715329149ada8c239a56b432e818011b876f0eddd9dfcce676310821
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4113998697625677a79327e5d266100b35a37d786146144ad44de3167f45df7
e9bc94e9b2ca35fdd5b872aaa72080f1533789d9168290b5b0093d885abb5dac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44ea0fcc3fd7a1a9c42dc29dac7d7269b3ded7b1e0ff957242b1f71df146f15
fa237e7c877d0b075f069086189e371a18b3e5045d4194176095f2a79cfb5c13
fa5cc62f4845a4c6575690744f3772f3d076cf89d18fe9b6183c4b4741cfb7d1
fc74bd6610f9d2f493cdfdd7ec3773def4c0f8db0a803ddab4308ba5f5ddbbb5
feab57a9e5e5088b4dc09ce802446a8d87840d4b4e1205f8f89198e578703c8c

savingplaces.production.nthp.vigetx.com Open in urlscan Pro 34.236.116.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

53 %IPv6

17 Domains

19 Subdomains

19 IPs

5 Countries

1235 kBTransfer

2772 kBSize

22 Cookies

11 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

savingplaces.production.nthp.vigetx.com Open in urlscan Pro
34.236.116.142 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

53 %
IPv6

17
Domains

19
Subdomains

19
IPs

5
Countries

1235 kB
Transfer

2772 kB
Size

22
Cookies

45 HTTP transactions
0 data transactions