secured.heritage.org Open in urlscan Pro
2606:4700:10::6814:28f0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paracom.paramountcommunication.com/ct/54529193:WWbYCBvNA:m:1:2209800031:EE7DDFED292CB511ECDEEC7B6653ECBA:r
Effective URL:
https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content...
Submission: On March 02 via manual (March 2nd 2020, 5:48:59 pm UTC) from US

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 19 domains to perform 66 HTTP transactions. The main IP is 2606:4700:10::6814:28f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is secured.heritage.org.
TLS certificate: Issued by Thawte EV RSA CA 2018 on May 17th 2019. Valid for: a year.

This is the only time secured.heritage.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.10.83.209 52.10.83.209	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:10:... 2606:4700:10::6814:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:10c... 2a02:26f0:10c:399::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
66	16

1 52.10.83.209 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-83-209.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6814:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

secured.heritage.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:399::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	heritage.org secured.heritage.org	139 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	158 KB
3	google-analytics.com 1 redirects www.google-analytics.com	45 KB
3	google.com 1 redirects www.google.com	885 B
3	stripe.com js.stripe.com	21 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	facebook.com www.facebook.com	499 B
2	facebook.net connect.facebook.net	142 KB
2	google.de www.google.de	219 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	bing.com bat.bing.com	7 KB
2	googletagmanager.com www.googletagmanager.com	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com	15 KB
1	bizographics.com sjs.bizographics.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com	838 B
0	optimizely.com Failed cdn.optimizely.com Failed
0	marketo.net Failed munchkin.marketo.net Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
66	19

	Domain	Requested by
16	secured.heritage.org	secured.heritage.org
5	fonts.gstatic.com	secured.heritage.org
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	www.google.com	1 redirects secured.heritage.org www.gstatic.com
3	js.stripe.com	secured.heritage.org js.stripe.com
3	fonts.googleapis.com	secured.heritage.org
2	www.facebook.com	secured.heritage.org
2	connect.facebook.net	secured.heritage.org connect.facebook.net
2	www.google.de	secured.heritage.org
2	bat.bing.com	www.googletagmanager.com secured.heritage.org
2	www.googletagmanager.com	secured.heritage.org
1	www.gstatic.com	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	netdna.bootstrapcdn.com	secured.heritage.org
1	maxcdn.bootstrapcdn.com	secured.heritage.org
1	paracom.paramountcommunication.com	1 redirects
0	cdn.optimizely.com Failed	www.googletagmanager.com
0	munchkin.marketo.net Failed	www.googletagmanager.com
0	px.ads.linkedin.com Failed	secured.heritage.org
66	22

This site contains links to these domains. Also see Links.

Domain
www.myheritage.org
heritageaction.com

Subject Issuer	Validity	Valid
secured.heritage.org Thawte EV RSA CA 2018	`2019-05-17` - `2020-07-15`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-02-12` - `2020-06-03`	4 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Frame ID: 2FDCD37C5AC1BD6362947EF1AD59F127
Requests: 63 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fsecured.heritage.org&stripe_xdm_c=default533353&stripe_xdm_p=1
Frame ID: C3523603B4DD934C3D03EB14ED6332DC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetGrgUAAAAAOhcw8UgeMraDxTV4cnuw__SZdWZ&co=aHR0cHM6Ly9zZWN1cmVkLmhlcml0YWdlLm9yZzo0NDM.&hl=en&v=61bII03-TtCmSUR7dw9MJF9q&size=invisible&cb=p87g74qszdg1
Frame ID: 545E7810BDA1F7CC1D8C9541AA93EEF3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 110281A2D540C5086F571E85D9B70C29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paracom.paramountcommunication.com/ct/54529193:WWbYCBvNA:m:1:2209800031:EE7DDFED292CB511ECDEEC7B6653ECBA:r HTTP 302
https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=pro... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Visual Website Optimizer (Analytics) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

66
Requests

71 %
HTTPS

82 %
IPv6

19
Domains

22
Subdomains

16
IPs

6
Countries

572 kB
Transfer

1871 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myheritage.org/campaign/state-disclosure/
Title: State Registration Disclosures

Search URL Search Domain Scan URL

URL: http://heritageaction.com/state-registrations/
Title: State Registration Disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paracom.paramountcommunication.com/ct/54529193:WWbYCBvNA:m:1:2209800031:EE7DDFED292CB511ECDEEC7B6653ECBA:r HTTP 302
https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1352173757&t=pageview&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&ul=en-us&de=UTF-8&dt=Join%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEADQ~&jid=941398811&gjid=694611075&cid=1643068866.1583171322&tid=UA-1393129-30&_gid=1875669064.1583171322&_r=1&gtm=2wg2j0M7B3LZV&z=263233058 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_gid=1875669064.1583171322&gjid=694611075&_v=j81&z=263233058 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058&slf_rd=1&random=844990688

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secured.heritage.org/_2019/join-heritage/
Redirect Chain

http://paracom.paramountcommunication.com/ct/54529193:WWbYCBvNA:m:1:2209800031:EE7DDFED292CB511ECDEEC7B6653ECBA:r
https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

47 KB
11 KB

681ms
518ms

Document
text/html

2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc66f77054620d441a9b3f6438745395e85265886cd7433195e60c107a2fcba0

Request headers

:method: GET
:authority: secured.heritage.org
:scheme: https
:path: /_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 02 Mar 2020 17:48:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d358e3ecb39b7fd0a4830a4f4ef965add1583171320; expires=Wed, 01-Apr-20 17:48:40 GMT; path=/; domain=.heritage.org; HttpOnly; SameSite=Lax LB-Persist=!NaozPjJCn7ljvWbsRjndrbgI2S90RbphiLADac9/3by9sm+F1+NKItBfbxADW8yLV4RboR1GdJVTAQ==; path=/
vary: Accept-Encoding
link: <https://secured.heritage.org/wp-json/>; rel="https://api.w.org/" <https://secured.heritage.org/?p=12557>; rel=shortlink
server-id: WW2.PROD
content-encoding: gzip
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56dcf330ca47175a-FRA

Redirect headers

Date: Mon, 02 Mar 2020 17:48:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 238
Connection: keep-alive
Set-Cookie: AWSALB=5I6kfgmhbwGVkyTfRucn7876LS/56rpBr8SgXnGFQ74Y9TAbYMT8Z6gyRhEAKlSaPLRWfHymZAi48W7giALLVAsaI9wLnXWcZtxzLbZ/xiYIeJTWkIXL74cXD4qm; Expires=Mon, 09 Mar 2020 17:48:40 GMT; Path=/ AWSALBCORS=5I6kfgmhbwGVkyTfRucn7876LS/56rpBr8SgXnGFQ74Y9TAbYMT8Z6gyRhEAKlSaPLRWfHymZAi48W7giALLVAsaI9wLnXWcZtxzLbZ/xiYIeJTWkIXL74cXD4qm; Expires=Mon, 09 Mar 2020 17:48:40 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Pragma: no-cache
Location: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 7 KB
803 B 106ms
49ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 17:48:41 GMT
server: ESF
date: Mon, 02 Mar 2020 17:48:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 bootstrap.min.css
secured.heritage.org/wp-content/themes/secured/_css/ 114 KB
19 KB 622ms
565ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/_css/bootstrap.min.css
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d77ffa18764e98bed1fe2b7a7423a58ce0d67c294c60ffd881f0f690bbbf4ee

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: W/"5df7f13e-1c99f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf334fe0d175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 style.css
secured.heritage.org/wp-content/themes/secured/ 76 KB
14 KB 534ms
479ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/style.css
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07fcd4f0a4d27c83589748e10580f37fc364c1874c7209c29b65a6c6e17c9b6a

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-130d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf334fe10175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
690 B 101ms
47ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=5.2.2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 17:48:41 GMT
server: ESF
date: Mon, 02 Mar 2020 17:48:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
642 B 90ms
38ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=5.2.2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 17:48:41 GMT
server: ESF
date: Mon, 02 Mar 2020 17:48:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 style.min.css
secured.heritage.org//wp-includes/css/dist/block-library/ 29 KB
5 KB 533ms
483ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org//wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-726f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf334fe12175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 video-js.min.css
secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/ 32 KB
9 KB 527ms
477ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/video-js.min.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f27684cdabf14f880903abadbda42e6fb03a46508596923ad5d412ac123410

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: W/"5df7f13e-7f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf334fe14175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 plugin.styles.css
secured.heritage.org/wp-content/plugins/wp-comment-fields/ 22 B
176 B 445ms
400ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/plugins/wp-comment-fields/plugin.styles.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc58f389596fca7bf0b80a914df1ed2ca6cb46564afce1a59647c5a411670225

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: "5df7f13e-16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
accept-ranges: bytes
cf-ray: 56dcf334fe16175a-FRA
content-length: 22
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 bootstrap-grid.css
secured.heritage.org/wp-content/plugins/wp-comment-fields/assets/css/ 52 KB
7 KB 537ms
494ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/plugins/wp-comment-fields/assets/css/bootstrap-grid.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74ed85c97537594bfe3272093ee95f5181de9c38990b3e41ffe9b833b28fd96

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: W/"5df7f13e-cf6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf334fe18175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 parallax.min.js Show response
secured.heritage.org/wp-content/themes/secured/_js/ 6 KB
2 KB 430ms
391ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/_js/parallax.min.js?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f478a91163c4b569e5bc2a46a2ca28bff93e2772912aa186f8ab0e4778c7172

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-17b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe19175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 jquery.js Show response
secured.heritage.org//wp-includes/js/jquery/ 95 KB
33 KB 699ms
665ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org//wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe1b175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
secured.heritage.org//wp-includes/js/jquery/ 10 KB
4 KB 520ms
488ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org//wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe1c175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/ 35 KB
9 KB 41ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9407

GET
H2 200 modernizr.js Show response
secured.heritage.org/wp-content/themes/secured/_js/ 49 KB
15 KB 592ms
563ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/_js/modernizr.js?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ed55e76e18c41069e635a88c37648b50b8cb39fb5862fa2d129661931b6705

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-c3df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe1e175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 jquery.combobox.js Show response
secured.heritage.org/wp-content/themes/secured/_js/ 22 KB
5 KB 519ms
491ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/_js/jquery.combobox.js?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d61154171452eed40f90e9b79a7a17b6ce0249ce12b45ac8958b857ad76914d

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-5825"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe25175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 master.js Show response
secured.heritage.org/wp-content/themes/secured/_js/ 12 KB
4 KB 539ms
512ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/themes/secured/_js/master.js?ver=5.2.3
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a64516afdc2f54186d081b8eb8f46e65cdbf2a927f1ae9fb72a1686e473897f

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: W/"5df7f13f-3040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe26175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 script.js Show response
secured.heritage.org/wp-content/plugins/wp-comment-fields/js/ 749 B
452 B 464ms
437ms Script
application/javascript 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/plugins/wp-comment-fields/js/script.js?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa9824e6c6f541143c069014c1b24a90aeb2b801f582cf624c282c215bb11684

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: W/"5df7f13e-2ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
cf-ray: 56dcf334fe28175a-FRA
expires: Mon, 02 Mar 2020 18:48:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
29 KB 76ms
54ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6092b7c5c15b61ba2c7634c56c6b33a0b41eccbffda03fd78bc892804f66272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29613
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 17:08:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 logo-thf.png
secured.heritage.org/wp-content/themes/secured/_img/ 4 KB
4 KB 505ms
496ms Image
image/png 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secured.heritage.org/wp-content/themes/secured/_img/logo-thf.png
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96bf35b6085e3a7ee102e56310a49020056aef7e2a8b5d80f68b93b57efe05d6

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:59 GMT
server: cloudflare
etag: "5df7f13f-10e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 56dcf334fe2c175a-FRA
content-length: 4322
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET thf-membership-card-2019-300x189.jpg
secured.heritage.org/wp-content/uploads/2019/03/ 0
0

GET card2.png
secured.heritage.org/wp-content/uploads/2015/10/ 0
0

GET member_briefing.jpg
secured.heritage.org/wp-content/uploads/2015/10/ 0
0

GET morningbell.jpg
secured.heritage.org/wp-content/uploads/2015/10/ 0
0

GET
H2 200 bootstrap-formhelpers.min.css
secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/ 28 KB
5 KB 509ms
471ms Stylesheet
text/css 2606:4700:10::6814:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/bootstrap-formhelpers.min.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b551b157d9201f6a43d292cc07e01f3a5242a5a6c5c1418eb2635b19956b7db9

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 16 Dec 2019 21:03:58 GMT
server: cloudflare
etag: W/"5df7f13e-701b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1209600, public
cf-ray: 56dcf335d898175a-FRA
expires: Mon, 16 Mar 2020 17:48:41 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 27 KB
5 KB 9ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=5.2.2
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin: *
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 5376

GET stripe-form.css
secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/ 0
0

GET video.min.js
secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/ 0
0

GET wp-embed.min.js
secured.heritage.org//wp-includes/js/ 0
0

GET h5f.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET bootstrap-validator.min.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET bootstrap-formhelpers.min.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET
H2 200 / Show response
js.stripe.com/v2/ 63 KB
21 KB 22ms
19ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/?ver=5.2.2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c022247ac30c6eb77b20896361223eb803a87142f527fa5d44fa7c6f210c568a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
age: 110
x-cache: HIT
status: 200
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-length: 20958
x-amz-id-2: /khl3ITLuQM0To5YwXJtCXP+ms89XSbIHlJjJv6eBjKZPwCcpRW3fEH1sTEcTZkj49lS+IUHvuA=
x-served-by: cache-hhn4059-HHN
last-modified: Tue, 28 Jan 2020 17:27:37 GMT
server: AmazonS3
x-timer: S1583171322.825620,VS0,VE0
etag: "15fda0e26fec252d4d6a8e297ca90756"
vary: Accept-Encoding
x-amz-request-id: E5B5D84999338F4E
via: 1.1 varnish
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET stripe-form-functions.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET utmna.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
580 B 34ms
32ms Script
text/javascript 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LetGrgUAAAAAOhcw8UgeMraDxTV4cnuw__SZdWZ&ver=5.2.2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1252b2c94b390313509419d45672a00188dc13d248412e398465676414d588e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 478
x-xss-protection: 1; mode=block
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET stripe-applepay.js
secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6990
date: Mon, 02 Mar 2020 15:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 02 Mar 2020 17:52:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 32ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 29ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: C11F7657DE0D49CEBA674BF3953182D6 Ref B: FRAEDGE0420 Ref C: 2020-03-02T17:48:41Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 15ms
13ms Script
application/x-javascript 2a02:26f0:10c:399::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B3LZV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 17:48:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57847
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET wp-emoji-release.min.js
secured.heritage.org/wp-includes/js/ 0
0

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/wp-content/themes/secured/_js/modernizr.js?ver=5.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://secured.heritage.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2821004
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET checkbox.png
secured.heritage.org/wp-content/themes/secured/_img/ 0
0

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=5.2.2
Origin: https://secured.heritage.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 18:51:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 3365820
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 22 Jan 2021 18:51:41 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=5.2.2
Origin: https://secured.heritage.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:26:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 3396159
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:26:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=5.2.2
Origin: https://secured.heritage.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 23:09:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 585565
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Tue, 23 Feb 2021 23:09:16 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=5.2.2
Origin: https://secured.heritage.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 09:56:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:51 GMT
server: sffe
age: 3397907
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14864
x-xss-protection: 0
expires: Fri, 22 Jan 2021 09:56:54 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 75 KB
27 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TDTF3LZ&t=gtm2&cid=1643068866.1583171322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31ccec2db898c30af4614ae3bb053ddfc4c5a48936cb9ca353a81d716b112f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 27296
x-xss-protection: 0
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1352173757&t=pageview&_s=1&dl=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_gid=1875669064.1583171322&gjid=694611075&_v=j81&z=263233058
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058&slf_rd=1&random=844990688

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058&slf_rd=1&random=844990688

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1393129-30&cid=1643068866.1583171322&jid=941398811&_v=j81&z=263233058&slf_rd=1&random=844990688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET collect
px.ads.linkedin.com/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: iSyWdMV4BUaHzzcQoMj+md9o/VwKNXMLbnO1t13S0QSP/xEDnAl3olsapHOKtx6uuVs9uvcBptxi9o1mGAkXiQ==
x-fb-trip-id: 1850256238
date: Mon, 02 Mar 2020 17:48:41 GMT, Mon, 02 Mar 2020 17:48:41 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET munchkin.js
munchkin.marketo.net/ 0
0

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5060389&Ver=2&mid=b173f053-8507-0db9-5813-588554cc0222&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Join%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation&p=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&r=&evt=pageLoad&msclkid=N&rn=159657
Requested by: Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 79721F3739D346F9800B879E9A9C2438 Ref B: FRAEDGE0420 Ref C: 2020-03-02T17:48:41Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975702554/?random=1583171321886&cv=9&fst=1583171321886&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&tiba=Join%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e22f2721c6fc7f4f86e66d17d225be7fa882ff1b2de6cc58177d97f43b3cfee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1158
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 493332274159836 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/493332274159836?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22246f07a8ded0d58759de6272db0766823e08abf4fe4dbfb48a047fdf310629

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114947
x-xss-protection: 0
pragma: public
x-fb-debug: 2SVzyox+pfstybyLwkaYcnweyvToWIw1BJ4fl8f58tLboLPy/vi0vcY6H+eBhqVbl9aOy8DIWSIf8oX2Cc7ZFA==
x-fb-trip-id: 1850256238
date: Mon, 02 Mar 2020 17:48:41 GMT, Mon, 02 Mar 2020 17:48:41 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975702554/ 42 B
121 B 21ms
20ms Image
image/gif 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975702554/?random=1583171321886&cv=9&fst=1583168400000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&tiba=Join%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation&async=1&fmt=3&is_vtc=1&random=4160133665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975702554/ 42 B
110 B 25ms
24ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975702554/?random=1583171321886&cv=9&fst=1583168400000&num=1&label=E7Z9CIvpqVkQmpSg0QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&tiba=Join%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation&async=1&fmt=3&is_vtc=1&random=4160133665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493332274159836&ev=PageView&dl=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&rl=&if=false&ts=1583171321937&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583171321937.173978604&it=1583171321898&coo=false&rqm=GET

Requested by

Host: secured.heritage.org
URL: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 17:48:41 GMT, Mon, 02 Mar 2020 17:48:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 02 Mar 2020 17:48:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/ 259 KB
93 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LetGrgUAAAAAOhcw8UgeMraDxTV4cnuw__SZdWZ&ver=5.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 23 Feb 2020 21:06:15 GMT
server: sffe
age: 597514
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94565
x-xss-protection: 0
expires: Tue, 23 Feb 2021 19:50:07 GMT

GET
H2 200 channel.html
js.stripe.com/v2/ Frame C352 0
0 61ms
19ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fsecured.heritage.org&stripe_xdm_c=default533353&stripe_xdm_p=1

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/?ver=5.2.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fsecured.heritage.org&stripe_xdm_c=default533353&stripe_xdm_p=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Response headers

status: 200
x-amz-id-2: NbnKw156bL5igFYskBwcDi77fDtSTIBrnVLzh8yeOocTjKKC7ntUoE8DE5sq5usksGXZTVNYxOk=
x-amz-request-id: 0F1A943085C84840
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 02 Mar 2020 17:48:42 GMT
via: 1.1 varnish
age: 261
x-served-by: cache-hhn4032-HHN
x-cache: HIT
x-cache-hits: 88
x-timer: S1583171322.037234,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 560

GET heritage20.js
cdn.optimizely.com/public/31463647/s/ 0
0

GET anchor
www.google.com/recaptcha/api2/ Frame 545E 0
0

GET
H2 200 outer.html
js.stripe.com/v2/m/ Frame 1102 0
0 20ms
20ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/m/outer.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/?ver=5.2.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/m/outer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR

Response headers

status: 200
x-amz-id-2: Ct6Lo35nU+8/khAA2ThjgqWzeWmfZpZ25TZdkuVTV08gFY/uED+O796iiroLrK/smOMkeuepW6c=
x-amz-request-id: 082D8D93894DDA55
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 02 Mar 2020 17:48:42 GMT
via: 1.1 varnish
age: 135
x-served-by: cache-hhn4065-HHN
x-cache: HIT
x-cache-hits: 31
x-timer: S1583171322.145853,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 388

GET
H2 204 a
www.googletagmanager.com/ 0
304 B 28ms
15ms Image
image/gif 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TDTF3LZ&cv=26&t=ol&g=67&p=gtm&l=845&q=820&f=44&e=6&i=35&d=-44&c=83&hc=1&sr=0.050000&ps=0.022934142454552386&cb=1676140409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 17:48:42 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 22ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493332274159836&ev=Microdata&dl=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&rl=&if=false&ts=1583171322439&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtJoin%20the%20Heritage%20Foundation%20%E2%80%93%202019%20Treatment%20%7C%20The%20Heritage%20Foundation%5Ct%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22The%20Heritage%20Foundation%22%2C%22og%3Atitle%22%3A%22Join%20the%20Heritage%20Foundation%20-%202019%20Treatment%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22Join%20the%20Heritage%20Foundation%20-%202019%20Treatment%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsecured.heritage.org%2Fwp-content%2Fuploads%2F2018%2F03%2FDocuments-Hi-Res.jpg%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fsecured.heritage.org%2Fwp-content%2Fuploads%2F2018%2F03%2FDocuments-Hi-Res.jpg%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fsecured.heritage.org%2Fwp-content%2Fuploads%2F2018%2F03%2FDocuments-Hi-Res.jpg%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fheritagefoundation%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1583171321937.173978604&it=1583171321898&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.heritage.org/_2019/join-heritage/?utm_campaign=membership&utm_medium=email&utm_source=prospecting&utm_content=Daly_RR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 17:48:42 GMT, Mon, 02 Mar 2020 17:48:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 02 Mar 2020 17:48:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/uploads/2019/03/thf-membership-card-2019-300x189.jpg

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/uploads/2015/10/card2.png

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/uploads/2015/10/member_briefing.jpg

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/uploads/2015/10/morningbell.jpg

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_css/stripe-form.css?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/videojs-html5-player/videojs/video.min.js?ver=1.1.3

Domain: secured.heritage.org
URL: https://secured.heritage.org//wp-includes/js/wp-embed.min.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/h5f.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/bootstrap-validator.min.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/bootstrap-formhelpers.min.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/stripe-form-functions.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/utmna.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/plugins/stripe-donation-form/_js/stripe-applepay.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2

Domain: secured.heritage.org
URL: https://secured.heritage.org/wp-content/themes/secured/_img/checkbox.png

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1757818&url=https%3A%2F%2Fsecured.heritage.org%2F_2019%2Fjoin-heritage%2F%3Futm_campaign%3Dmembership%26utm_medium%3Demail%26utm_source%3Dprospecting%26utm_content%3DDaly_RR&time=1583171321876

Domain: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js

Domain: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/31463647/s/heritage20.js

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetGrgUAAAAAOhcw8UgeMraDxTV4cnuw__SZdWZ&co=aHR0cHM6Ly9zZWN1cmVkLmhlcml0YWdlLm9yZzo0NDM.&hl=en&v=61bII03-TtCmSUR7dw9MJF9q&size=invisible&cb=p87g74qszdg1

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heritage.org/	1970-01-19 09:55:47	Name: _fbp Value: fb.1.1583171321937.173978604
.heritage.org/	1970-01-19 07:46:11	Name: _gat_UA-1393129-30 Value: 1
.heritage.org/	1970-01-19 07:47:37	Name: _gid Value: GA1.2.1875669064.1583171322
.heritage.org/	1970-01-19 09:55:47	Name: _gcl_au Value: 1.1.786988738.1583171321
.heritage.org/	1970-01-20 01:17:23	Name: _ga Value: GA1.2.1643068866.1583171322
.secured.heritage.org/	1970-01-19 07:46:13	Name: __stripe_sid Value: d1f780c6-079b-4126-9073-ab963b3d0b4f
.secured.heritage.org/	1970-01-19 16:31:47	Name: __stripe_mid Value: 50f24692-0607-405b-81d6-aae4e52f32a9
secured.heritage.org/	1969-12-31 23:59:59	Name: LB-Persist Value: !NaozPjJCn7ljvWbsRjndrbgI2S90RbphiLADac9/3by9sm+F1+NKItBfbxADW8yLV4RboR1GdJVTAQ==
.heritage.org/	1970-01-19 08:29:23	Name: __cfduid Value: d358e3ecb39b7fd0a4830a4f4ef965add1583171320

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secured.heritage.org//wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.optimizely.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
maxcdn.bootstrapcdn.com
munchkin.marketo.net
netdna.bootstrapcdn.com
paracom.paramountcommunication.com
px.ads.linkedin.com
secured.heritage.org
sjs.bizographics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
cdn.optimizely.com
munchkin.marketo.net
px.ads.linkedin.com
secured.heritage.org
www.google.com
151.101.112.176
172.217.23.98
2001:4de0:ac19::1:b:3a
2606:4700:10::6814:28f0
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:816::2002
2a00:1450:4001:818::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9c
2a02:26f0:10c:399::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.10.83.209
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07fcd4f0a4d27c83589748e10580f37fc364c1874c7209c29b65a6c6e17c9b6a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
22246f07a8ded0d58759de6272db0766823e08abf4fe4dbfb48a047fdf310629
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
2a64516afdc2f54186d081b8eb8f46e65cdbf2a927f1ae9fb72a1686e473897f
31ccec2db898c30af4614ae3bb053ddfc4c5a48936cb9ca353a81d716b112f26
3d77ffa18764e98bed1fe2b7a7423a58ce0d67c294c60ffd881f0f690bbbf4ee
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6d61154171452eed40f90e9b79a7a17b6ce0249ce12b45ac8958b857ad76914d
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
96bf35b6085e3a7ee102e56310a49020056aef7e2a8b5d80f68b93b57efe05d6
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f478a91163c4b569e5bc2a46a2ca28bff93e2772912aa186f8ab0e4778c7172
a74ed85c97537594bfe3272093ee95f5181de9c38990b3e41ffe9b833b28fd96
b1252b2c94b390313509419d45672a00188dc13d248412e398465676414d588e
b551b157d9201f6a43d292cc07e01f3a5242a5a6c5c1418eb2635b19956b7db9
bc66f77054620d441a9b3f6438745395e85265886cd7433195e60c107a2fcba0
c022247ac30c6eb77b20896361223eb803a87142f527fa5d44fa7c6f210c568a
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cc58f389596fca7bf0b80a914df1ed2ca6cb46564afce1a59647c5a411670225
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
e22f2721c6fc7f4f86e66d17d225be7fa882ff1b2de6cc58177d97f43b3cfee4
e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
e9ed55e76e18c41069e635a88c37648b50b8cb39fb5862fa2d129661931b6705
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f27684cdabf14f880903abadbda42e6fb03a46508596923ad5d412ac123410
f6092b7c5c15b61ba2c7634c56c6b33a0b41eccbffda03fd78bc892804f66272
fa9824e6c6f541143c069014c1b24a90aeb2b801f582cf624c282c215bb11684
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

secured.heritage.org Open in urlscan Pro 2606:4700:10::6814:28f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

71 %HTTPS

82 %IPv6

19 Domains

22 Subdomains

16 IPs

6 Countries

572 kBTransfer

1871 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secured.heritage.org Open in urlscan Pro
2606:4700:10::6814:28f0 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

71 %
HTTPS

82 %
IPv6

19
Domains

22
Subdomains

16
IPs

6
Countries

572 kB
Transfer

1871 kB
Size

9
Cookies

66 HTTP transactions
0 data transactions