urlscan.io logo urlscan.io
SecurityTrails logo

www.midwestheritage.com Open in urlscan Pro
172.67.147.60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://midwestheritagebank.com/
Effective URL: https://www.midwestheritage.com/
Submission: On October 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 90 HTTP transactions. The main IP is 172.67.147.60, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.midwestheritage.com.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time www.midwestheritage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.189.188 13335 (CLOUDFLAR...)
1 1 172.67.190.56 13335 (CLOUDFLAR...)
29 172.67.147.60 13335 (CLOUDFLAR...)
16 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 178.249.97.23 11054 (LIVEPERSON)
1 142.250.74.196 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
2 34.107.203.234 396982 (GOOGLE-CL...)
1 142.250.185.227 15169 (GOOGLE)
8 178.249.97.99 11054 (LIVEPERSON)
7 34.120.154.120 396982 (GOOGLE-CL...)
1 142.250.186.100 15169 (GOOGLE)
7 208.89.12.87 11054 (LIVEPERSON)
90 20
1    172.67.189.188 (United States)

ASN13335 (CLOUDFLARENET, US)
midwestheritagebank.com
1    172.67.190.56 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mhbank.com
29    172.67.147.60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.midwestheritage.com
16    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
1    142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2057:da00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tools.luckyorange.com
2    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.de
2    34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com
settings.luckyorange.com
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.gstatic.com
8    178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net
7    34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com
lpcdn.lpsnmedia.net
1    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
7    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
Apex Domain
Subdomains		 Transfer
29 midwestheritage.com
www.midwestheritage.com
2 MB
16 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1955
ka-p.fontawesome.com — Cisco Umbrella Rank: 3223
393 KB
15 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 4602
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4284
308 KB
9 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 4143
va.v.liveperson.net — Cisco Umbrella Rank: 4688
166 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
298 KB
3 luckyorange.com
tools.luckyorange.com — Cisco Umbrella Rank: 14252
settings.luckyorange.com — Cisco Umbrella Rank: 14201
5 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
993 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
912 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
250 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
49 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 mhbank.com
www.mhbank.com
547 B
1 midwestheritagebank.com
midwestheritagebank.com
556 B
90 15
Domain Requested by
29 www.midwestheritage.com www.midwestheritage.com
14 ka-p.fontawesome.com kit.fontawesome.com
www.midwestheritage.com
8 accdn.lpsnmedia.net lptag.liveperson.net
7 va.v.liveperson.net lptag.liveperson.net
7 lpcdn.lpsnmedia.net lptag.liveperson.net
4 www.googletagmanager.com www.midwestheritage.com
www.googletagmanager.com
2 settings.luckyorange.com tools.luckyorange.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com www.midwestheritage.com
www.gstatic.com
2 lptag.liveperson.net www.midwestheritage.com
2 cdn.jsdelivr.net www.midwestheritage.com
2 kit.fontawesome.com www.midwestheritage.com
kit.fontawesome.com
1 www.gstatic.com www.google.com
1 www.google.de www.midwestheritage.com
1 region1.analytics.google.com www.googletagmanager.com
1 tools.luckyorange.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.midwestheritage.com
1 www.mhbank.com 1 redirects
1 midwestheritagebank.com 1 redirects
90 21
Subject Issuer Validity Valid
www.midwestheritage.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-11-28 -
2024-11-27		 a year crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
luckyorange.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-15		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.de
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
settings.luckyorange.com
R11		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2024-10-08 -
2025-10-08		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2024-08-20 -
2025-08-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.midwestheritage.com/
Frame ID: 0B0DED9341BAE219E5C92797272E436F
Requests: 86 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fwww.midwestheritage.com
Frame ID: ABE4F29A297F27F2AF6C7D12603BF3BF
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.html?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 1BA04EC9CC5CF5A50B24C39D65FE7DB6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4jIIpAAAAAAzoi-rltjOQO73aEtefQsnwKK9A&co=aHR0cHM6Ly93d3cubWlkd2VzdGhlcml0YWdlLmNvbTo0NDM.&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=j7bkcxr6xfri
Frame ID: 58908544CE60E512C8C9EF994BC4851E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your home for all your banking needs | Midwest Heritage

Page URL History Show full URLs

  1. https://midwestheritagebank.com/ HTTP 301
    https://www.mhbank.com/ HTTP 301
    https://www.midwestheritage.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

90
Requests

99 %
HTTPS

38 %
IPv6

15
Domains

21
Subdomains

20
IPs

3
Countries

3611 kB
Transfer

7785 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://midwestheritagebank.com/ HTTP 301
    https://www.mhbank.com/ HTTP 301
    https://www.midwestheritage.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.midwestheritage.com/
Redirect Chain
  • https://midwestheritagebank.com/
  • https://www.mhbank.com/
  • https://www.midwestheritage.com/
100 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
a1150723cf07153e2eb8681135913424b8e3bbec221536539adf7e3d0841928d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d385e3689986885-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 16 Oct 2024 13:24:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.midwestheritage.com/wp-json/>; rel="https://api.w.org/" <https://www.midwestheritage.com/wp-json/wp/v2/pages/12>; rel="alternate"; title="JSON"; type="application/json" <https://www.midwestheritage.com/>; rel=shortlink
pragma
no-cache
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 42
x-cache-group
normal
x-cacheable
SHORT
x-orig-cache-control
no-store, no-cache, must-revalidate
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8d385e335e7818d8-FRA
content-length
167
content-type
text/html
date
Wed, 16 Oct 2024 13:24:13 GMT
expires
Wed, 16 Oct 2024 14:24:13 GMT
location
https://www.midwestheritage.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2Bx3Lywv5OOgUrvBo5DzOSRyy5vx6csmwmLo76F5dFxBPUhcrJRAOBhr4BH9X5qafqGjUVigskC78Ou1VPrLKHOnY4srU07rV4PSv0llByEU%2FjaJWMKvBmq9%2Bd%2B8NdIC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
211a5cebdd.js
kit.fontawesome.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/211a5cebdd.js
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae79f4527706f23ebaaf2b92ff1013c85fa6492ec88b051cff8e42f2e45bb6b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

access-control-max-age
3000
x-request-id
F_7xsk7tCP3wsT2gI0qB
cache-control
max-age=60, public, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
EXPIRED
access-control-allow-methods
GET, OPTIONS
cf-ray
8d385e398998d27a-FRA
access-control-allow-origin
*
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/javascript
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
age
1822395
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:24:14 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220021-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25360
x-jsd-version
5.0.2
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
age
2178423
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:24:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220021-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
23943
x-jsd-version
5.0.2
style.min.css
www.midwestheritage.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"669948b9-1b723"
age
75183
cf-ray
8d385e3a38046885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 18 Jul 2024 16:54:17 GMT
style.css
www.midwestheritage.com/wp-content/uploads/maxmegamenu/ 		66 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/uploads/maxmegamenu/style.css?ver=0b16ac
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5b4be3e2c658c1b01707d4d0a1c1188be1a6dcd0ec5d6a1147b1e10f4cbe67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1cce-108d9"
age
75183
cf-ray
8d385e3a38066885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:18 GMT
dashicons.min.css
www.midwestheritage.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/css/dashicons.min.css?ver=6.6.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"603ffca6-e688"
age
75183
cf-ray
8d385e3a38116885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
style.css
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/ 		332 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3449698724
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5ba5b8a1b6ba0b77ce7c5711797d839feced4aa3a3140009d46bd19e81362f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1cd2-52e72"
age
75183
cf-ray
8d385e3a38126885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
bootstrap.min.css
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/css/bootstrap.min.css?ver=6.6.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1ced-235ed"
age
75183
cf-ray
8d385e3a381b6885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:49 GMT
jquery.min.js
www.midwestheritage.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
age
75183
cf-ray
8d385e3a381f6885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
jquery-migrate.min.js
www.midwestheritage.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6482bd64-3509"
age
175582
cf-ray
8d385e3a38216885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
bootstrap.bundle.min.js
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/js/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/js/bootstrap.bundle.min.js?ver=6.6.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1ced-1089e"
age
75183
cf-ray
8d385e3a38246885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:49 GMT
MWH-logo-HR-new2x.2-1.png
www.midwestheritage.com/wp-content/uploads/2023/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/03/MWH-logo-HR-new2x.2-1.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1523fff790bea7f4aa0a4f0da92e18620fd0b837e7cbd5bfd6fdaa9ad1d356d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-97de"
age
75183
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=38878
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
image/webp
content-disposition
inline; filename="MWH-logo-HR-new2x.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e3a38266885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12890
server
cloudflare
gtm.js
www.googletagmanager.com/ 		310 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c985a3b656752b398e449d181229abb40cb6a1d50b0a14a7b375edd488f7e6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 16 Oct 2024 13:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108633
x-xss-protection
0
server
Google Tag Manager
tag.js
lptag.liveperson.net/tag/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=85467047
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
content-encoding
gzip
etag
"6657cfc2-253d"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
content-length
9533
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
last-modified
Thu, 30 May 2024 01:00:50 GMT
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
Rectangle-26.png
www.midwestheritage.com/wp-content/uploads/2023/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/02/Rectangle-26.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bead95a66fd89fd5b1c01e62923e5ad1da07580cb25df5b3cdd73664387ded2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-27b8"
age
75095
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=10168
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
image/webp
content-disposition
inline; filename="Rectangle-26.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e3bcabf6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4900
server
cloudflare
Rectangle-24.png
www.midwestheritage.com/wp-content/uploads/2023/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/02/Rectangle-24.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5588ce889d6a0560724bababe001d0d69f84b8d3ef0c713fe3edc1c439c12ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-2471"
age
85823
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=9329
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="Rectangle-24.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e410b9a6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
5162
server
cloudflare
fdic.png
www.midwestheritage.com/wp-content/uploads/2023/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/03/fdic.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9543291bc76dc3d6a7dbb8b400bb38ad6bb75f295620eee526713813f7ed0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-165e"
age
75182
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5726
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="fdic.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e411ba86885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3094
server
cloudflare
Group-3535.png
www.midwestheritage.com/wp-content/uploads/2023/02/ 		654 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/02/Group-3535.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4944eb19b4c4b1d44b2e4007e2365ef89006e1592df7d05d70c429cbc14ad6b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-2d6"
age
75182
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=726
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="Group-3535.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e411bac6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
654
server
cloudflare
email-decode.min.js
www.midwestheritage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"670ce573-4d7"
x-content-type-options
nosniff
cf-ray
8d385e411bb66885-NRT
expires
Fri, 18 Oct 2024 13:24:16 GMT
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 09:33:39 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
navigation.js
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/js/navigation.js?ver=3449698724
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1ced-ba4"
age
75182
cf-ray
8d385e411bb96885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:49 GMT
main-min.js
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/js/main-min.js?ver=3449698724
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842f1cd528ab5c5524c3823905278316eb5fdac0b18fcfa12a191c322acfda5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1cd2-135b"
age
75182
cf-ray
8d385e411bbe6885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
api.js
www.google.com/recaptcha/ 		1 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc4jIIpAAAAAAzoi-rltjOQO73aEtefQsnwKK9A&ver=1.6.0
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
ESF /
Resource Hash
1271b0938802a844492c6c6be29a71c6f330d5dae96d2c97fb024da47b6b02f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 16 Oct 2024 13:24:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
hoverIntent.min.js
www.midwestheritage.com/wp-includes/js/ 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"667d6e6f-5db"
age
175582
cf-ray
8d385e411bc16885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
maxmegamenu.js
www.midwestheritage.com/wp-content/plugins/megamenu/js/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1.2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de77aed14166ff6c0bee39653090b8cc6eaa2230de83630de11ebfc5f108fa46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66cf1cf1-83b2"
age
175582
cf-ray
8d385e411bc26885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Aug 2024 12:49:53 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 		1 MB
179 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=211a5cebdd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
"6695a0b7-2cce4"
age
1299949
cf-ray
8d385e3b1defd27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
183524
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 		27 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=211a5cebdd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
"6695a0b7-10e7"
age
4429647
cf-ray
8d385e3b0deed27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4327
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 		50 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=211a5cebdd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
"6695a0b8-1c1c"
age
1217026
cf-ray
8d385e3b0de9d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7196
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=211a5cebdd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
"6695a0b7-6ca"
age
490262
cf-ray
8d385e3b0dedd27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1738
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
kit-upload.css
kit.fontawesome.com/211a5cebdd/85698314/ 		0
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/211a5cebdd/85698314/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

access-control-max-age
3000
x-request-id
F_a0SXsxXDsmI6AKGx_h
cf-cache-status
HIT
etag
54af53b207eef226d6511e0a88e3038e
age
2301685
access-control-allow-methods
GET, OPTIONS
date
Wed, 16 Oct 2024 13:24:15 GMT
content-type
text/css
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
cache-control
max-age=31556926, public, must-revalidate
cf-ray
8d385e3b0ddbd27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
server
cloudflare
f257df3c-5133-494c-8adb-e3ec8a03d45c
https://www.midwestheritage.com/ Frame 		0
0
css2
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3449698724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38f7774596cd15ebd026074cde2dd12d98a81af30a70aecec689e9899efef0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 16 Oct 2024 12:35:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://fonts.googleapis.com/

Response headers

age
104106
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 08:29:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:29:10 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
Header-3840x1320-2.jpg
www.midwestheritage.com/wp-content/uploads/2023/04/ 		658 KB
658 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/04/Header-3840x1320-2.jpg
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f5b86efd288bf40b4d94f5e4b0bd436ec560484ea46888e998eb2d54095765c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd0-ae9af"
age
75095
cf-cache-status
HIT
cf-polished
origSize=715183
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 12:49:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d385e416bfe6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
673594
server
cloudflare
BOI_HomepageCard.png
www.midwestheritage.com/wp-content/uploads/2024/10/ 		545 KB
546 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2024/10/BOI_HomepageCard.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2cfcedba40b99655db54cb6bab8d7eedefb7b6d531da46a1276b6a8dba686c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"670e8de6-cab4f"
age
75161
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=830287
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="BOI_HomepageCard.webp"
vary
Accept
last-modified
Tue, 15 Oct 2024 15:44:38 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e416c006885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
558332
server
cloudflare
card_CD-offer_GettyImages-6437578082.jpg
www.midwestheritage.com/wp-content/uploads/2023/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/03/card_CD-offer_GettyImages-6437578082.jpg
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd6a26b69807c78fe2978086588346e519de4fb087d32e02d5b9e2187cef2f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-333f"
age
75095
cf-cache-status
HIT
cf-polished
origSize=13119
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d385e416c016885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12850
server
cloudflare
Homecard-Image-for-Website.png
www.midwestheritage.com/wp-content/uploads/2023/08/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/08/Homecard-Image-for-Website.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58f7803ad28ceaa9111101f40aa36df0ac7fe9690549e654a7a060354b95355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1ccf-2072a"
age
85822
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=132906
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="Homecard-Image-for-Website.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:19 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e416c046885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
78994
server
cloudflare
Home-Equity-Loan.png
www.midwestheritage.com/wp-content/uploads/2023/01/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/01/Home-Equity-Loan.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9563278d26f583e72e50d7b6bf2dec52fb49347c1c5a7620f303e6c212d31bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd2-31cbc"
age
75095
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=203964
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="Home-Equity-Loan.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:22 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e416c0b6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
100350
server
cloudflare
gettyimages-1359838986-170667a.jpg
www.midwestheritage.com/wp-content/uploads/2023/05/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/05/gettyimages-1359838986-170667a.jpg
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ec29f9bdc5f2faedaf591cac400acf98c5d5954913bd8deaf7a39a7da366ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd0-478aa"
age
75095
cf-cache-status
HIT
cf-polished
origSize=293034
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 12:49:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d385e416c0d6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
272578
server
cloudflare
1930-e1682110104446.jpg
www.midwestheritage.com/wp-content/uploads/2023/04/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/04/1930-e1682110104446.jpg
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ffdeb96962f183bfb82158f515fdaeff9eb9a589812e0272cb1a9f99579aa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd0-d0f1"
age
75095
cf-cache-status
HIT
cf-polished
origSize=53489
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 12:49:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d385e416c0f6885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
53049
server
cloudflare
Untitled-design-5.png
www.midwestheritage.com/wp-content/uploads/2023/10/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/10/Untitled-design-5.png
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331b70010ec8aa41336c8ee8910cbb1ee5f8c0558c0eaf470305aeb227d5f98a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1ccf-2978b"
age
85822
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=169867
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
image/webp
content-disposition
inline; filename="Untitled-design-5.webp"
vary
Accept
last-modified
Wed, 28 Aug 2024 12:49:19 GMT
cache-control
public, max-age=31536000
cf-ray
8d385e416c126885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
136424
server
cloudflare
pro-fa-solid-900-3.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-3.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b87c0ab1a296a9465421ba9ab0d06134796a226f8c251398919a815ab835636

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a640-4420"
age
4664936
cf-ray
8d385e40dcd2d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17440
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:16 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-0.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a63f-2ed4"
age
4314739
cf-ray
8d385e40dcd4d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11988
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-light-300-16.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-16.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9025feddce1a4a3c462a065ba790540331b4315dc0f78076553d212f97aca360

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a639-5c20"
age
3618967
cf-ray
8d385e40dcd8d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
23584
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-light-300-13.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-13.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd30c4a7fb3732d8d1741ce0a3c67d20c67d41332d571931f7bbfc7f7040ed72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a639-4390"
age
447661
cf-ray
8d385e40dcdbd27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17296
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-0.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68485c1de649ab07654b44910ab22b746dab5f400810d107d7995e56d4d88fbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a639-3c48"
age
4664936
cf-ray
8d385e40dcdfd27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
15432
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-0.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a637-9204"
age
4429646
cf-ray
8d385e40dce0d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
37380
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:07 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-solid-900-13.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-13.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4fe5429f4540e449f7bfc678c3daa5c1cd63445a218dc1ea929ecbf4d5f1da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a63f-369c"
age
447661
cf-ray
8d385e40dce4d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13980
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a63f-3d88"
age
3864279
cf-ray
8d385e40dce6d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
15752
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-light-300-21.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-21.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b99d2e3e654e15e090d54a61f693a1f14ffb634d7e6c6d4e8e7ab805a64409

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a639-6cec"
age
4124499
cf-ray
8d385e40dce8d27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27884
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
pro-fa-light-300-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-1.woff2
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd27b9a8048aa16ee9080e709b5ccaa41a49395bd24a81242acd2624c8b31ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

cache-control
max-age=31556926
cf-cache-status
HIT
etag
"6695a639-46d4"
age
568476
cf-ray
8d385e40dcead27a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18132
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
js
www.googletagmanager.com/gtag/ 		321 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ae29795259aa3935fcd749a45550a95efcfaa49ad188458e9d51fae94ff44ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 16 Oct 2024 13:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108323
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
gzip
age
6847
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		238 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-956694839&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92362377d94ba28a637cf0e5540486b59d01a9dde3f194fc2a00be1efc79d42f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 16 Oct 2024 13:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87227
x-xss-protection
0
server
Google Tag Manager
lo.js
tools.luckyorange.com/core/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=0f144ee0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baedbe79b629b2650542bc6671300a75fc88aaacdfa3faed4975591fefaffa56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
gzip
etag
"cf826c613ca8817220b27ee016010218"
age
3439
x-cache
Hit from cloudfront
x-amz-cf-id
dLFxUk0wa5xFRIOvKUd_8z5PV82I7EarMkTnEtIKxIzunlEIzey7-Q==
date
Wed, 16 Oct 2024 12:26:58 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 21:16:34 GMT
cache-control
max-age=3600
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4675
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/4a90/ Frame ABE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fwww.midwestheritage.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 13:24:16 GMT
expires
Thu, 16 Oct 2025 13:24:16 GMT
last-modified
Wed, 09 Oct 2024 09:08:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
.jsonp
lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/ 		505 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
9d09f3ead7e4109398613a1421afee922288a37c4d54dc85bbea7a07cd9dd20e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
MISS
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=630
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/x-javascript;charset=UTF-8
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
collect
www.google-analytics.com/j/ 		3 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1140153081&t=pageview&_s=1&dl=https%3A%2F%2Fwww.midwestheritage.com%2F&ul=de-de&de=UTF-8&dt=Your%20home%20for%20all%20your%20banking%20needs%20%7C%20Midwest%20Heritage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=1158227117&gjid=711253735&cid=676310624.1729085056&tid=UA-28493477-1&_gid=392669099.1729085056&_slc=1&gtm=45He4ae0n71ML6956v71975901za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848&npa=1&z=545105490
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.midwestheritage.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.midwestheritage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28493477-1&cid=676310624.1729085056&jid=1158227117&gjid=711253735&_gid=392669099.1729085056&npa=1&_u=YGBAgAABAAAAAG~&z=96165846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.midwestheritage.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.midwestheritage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HX2TBTCBEV&gtm=45je4ae0v872308060z871975901za200zb71975901&_p=1729085054967&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101533421~101686685&cid=676310624.1729085056&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729085056&sct=1&seg=0&dl=https%3A%2F%2Fwww.midwestheritage.com%2F&dt=Your%20home%20for%20all%20your%20banking%20needs%20%7C%20Midwest%20Heritage&en=page_view&_fv=1&_ss=1&tfd=2477
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.midwestheritage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HX2TBTCBEV&cid=676310624.1729085056&gtm=45je4ae0v872308060z871975901za200zb71975901&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529666~101533421~101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.midwestheritage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HX2TBTCBEV&cid=676310624.1729085056&gtm=45je4ae0v872308060z871975901za200zb71975901&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529666~101533421~101686685&tag_exp=101529666~101533421~101686685&z=890091087
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 16 Oct 2024 13:24:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
0f144ee0
settings.luckyorange.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/0f144ee0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://www.midwestheritage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.midwestheritage.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 16 Oct 2024 13:24:16 GMT
via
1.1 google
0f144ee0
settings.luckyorange.com/ 		149 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/0f144ee0
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=0f144ee0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b2e1893a2461579a6234295045d238d4217d4ead509cedff5ded91a09f51fdf5

Request headers

x-lucky-uid
undefined
Referer
https://www.midwestheritage.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.midwestheritage.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
recaptcha__de.js
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 		547 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc4jIIpAAAAAAzoi-rltjOQO73aEtefQsnwKK9A&ver=1.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
c786995bf890f9ed1a8b1f75ac9db975905b2bad0c88421ebbbc56cf62ea2327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.midwestheritage.com
Referer
https://www.midwestheritage.com/

Response headers

content-encoding
gzip
age
34982
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:41:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:41:14 GMT
last-modified
Mon, 07 Oct 2024 04:02:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222727
x-xss-protection
0
server
sffe
/
accdn.lpsnmedia.net/api/account/85467047/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
0b0afc01c279aaddc65cc12560c0dc0a3ab0b3cbe2e20882ead37d85697df308
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:16 GMT
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/ui-framework.js?version=10.39.2-release_1487040648
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=oKNHqQ==, md5=BYdG3qhck64DJvVkVcqFTw==
content-encoding
br
age
3252
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39335
date
Wed, 16 Oct 2024 12:30:04 GMT
last-modified
Sat, 12 Oct 2024 01:42:54 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0H4O6CSR83bY6j6Tk5z5K_J_qG3EPIOAKZ7Rj3XGbJgDa-5frXA3Hcvi3yntHogiZQabc6EhMPog
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728697374019367
content-length
11797
server
UploadServer
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/surveylogicinstance.min.js?version=10.39.2-release_1487040648
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=Qyp3Rw==, md5=paUQAgyh/ZCObtCdJZmPqw==
content-encoding
br
age
3252
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7794
date
Wed, 16 Oct 2024 12:30:04 GMT
last-modified
Sat, 12 Oct 2024 01:42:54 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0O2BJ9jMu-stqpJcydW4I3Ga4O_VupHcxoEjBoj97AgFMHKhzQ3cRx_UjIh8TzBBMcOEDDCb4qhA
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728697373996677
content-length
2275
server
UploadServer
zones
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
98ca0828ad21846424380e6270d18e9ead312fed16e86c23690c64799ecec25f
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:16 GMT
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/ 		1 MB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.2-release_1487040648/desktopEmbedded.js?version=10.39.2-release_1487040648
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6ec0004e9601ef913aa70f9aedc379061eb83eff6a8b5ec263c27e0a8d6fdc0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=WQS/Bg==, md5=I8t0PFQxARbJcHS6uWuQKg==
content-encoding
br
age
2736
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1079573
date
Wed, 16 Oct 2024 12:38:40 GMT
last-modified
Sat, 12 Oct 2024 01:42:53 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2hZdywRczH10Qn6z5te_yTctGyXE6e7Ae8s3Ums1q5JZGFewJzdkmI3ZJFZuHaWaGNUacwJMG1bw
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728697373264065
content-length
256813
server
UploadServer
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.js?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8637a49c03e14812f879ff37a81e18684bf001dbd57b50f2979d3da548a9c710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=FIZQ9g==, md5=0KOg156UvS3nvUpch5oB8Q==
content-encoding
br
age
780
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
44277
date
Wed, 16 Oct 2024 13:11:16 GMT
last-modified
Wed, 04 Sep 2024 01:30:43 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3J6hQ5x1lvJXhO-j5nUZSB2DByfX7YIDhlDLVVDdQQFSsIsC5p-CeK8fioC8ARCKvsg5I
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1725413443361128
content-length
14772
server
UploadServer
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/ Frame 1BA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.html?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.midwestheritage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
15740
content-type
text/html
date
Wed, 16 Oct 2024 12:52:35 GMT
last-modified
Wed, 04 Sep 2024 01:30:43 GMT
server
UploadServer
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-goog-generation
1725413443383826
x-goog-hash
crc32c=q+dfQA== md5=B2c9V1IeikQWRHGSV/6emA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
48187
x-guploader-uploadid
AHmUCY3uxCHbZPkQhe9_LefRWYCHKnesZsWAHMCDGw2YKpyqtxm4YSrupX5TOIlQLgh9mmV1icI
wp-emoji-release.min.js
www.midwestheritage.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"667d6e6f-4926"
age
75181
cf-ray
8d385e44b83d6885-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:16 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5890 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4jIIpAAAAAAzoi-rltjOQO73aEtefQsnwKK9A&co=aHR0cHM6Ly93d3cubWlkd2VzdGhlcml0YWdlLmNvbTo0NDM.&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=j7bkcxr6xfri
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SDSazLTRyye_2ICRgfdPJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midwestheritage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SDSazLTRyye_2ICRgfdPJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 13:24:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
85467047
va.v.liveperson.net/api/js/ 		177 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?&cb=lpCb59051x60893&t=sp&ts=1729085056429&pid=1831620166&tid=7714840776&pt=Your%20home%20for%20all%20your%20banking%20needs%20%7C%20Midwest%20Heritage&u=https%3A%2F%2Fwww.midwestheritage.com%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
aa1868357fc83eff44389e51d731eb4580c52646b259e49f9e692e4a24882ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:17 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
cropped-MH-Icon_512-32x32.jpg
www.midwestheritage.com/wp-content/uploads/2023/05/ 		621 B
848 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.midwestheritage.com/wp-content/uploads/2023/05/cropped-MH-Icon_512-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fe1941fac77d5960dce1326434eead9c7a46f9d203fc10c89bf4645121f2f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66cf1cd0-26d"
age
74806
cf-cache-status
HIT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:24:17 GMT
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 12:49:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d385e4b38006885-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
server
cloudflare
85467047
va.v.liveperson.net/api/js/ 		244 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?&cb=lpCb81997x56709&t=sp&ts=1729085056429&pid=1831620166&tid=7714840776&pt=Your%20home%20for%20all%20your%20banking%20needs%20%7C%20Midwest%20Heritage&u=https%3A%2F%2Fwww.midwestheritage.com%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D&rc=1&vid=Y5MThhN2ZkMWEwMTMwY2U4
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
5cb6aa0203dbb36ce826e919413d044d2570cf48895c77607579cd5422de93e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
85467047
va.v.liveperson.net/api/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?sid=s8wZDgf9QaKJ8YHP4OoRVg&cb=lpCb32134x37270&t=uc&ts=1729085056538&pid=1831620166&tid=7714840776&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22MEYOCKSTEST%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22help-component-chat%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22super-nav-chat-link%22%7D%5D&vid=Y5MThhN2ZkMWEwMTMwY2U4
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
c379d251642d9699b8daa9819253a33c45d1f5fa545fab3d854d8b76c609e63f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
overlay.js
lpcdn.lpsnmedia.net/le_re/3.61.0-release_1396603402/jsv2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.61.0-release_1396603402/jsv2/overlay.js?_v=3.61.0-release_1396603402
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b0944dfea209566c3a89112514ffa483a8518bcdd8b3f0fab9ad70a08215a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=EKkzfQ==, md5=poAquYxCNsds+dedc8EI+A==
content-encoding
br
age
1481
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9606
date
Wed, 16 Oct 2024 12:59:39 GMT
last-modified
Fri, 16 Aug 2024 01:05:28 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1M-JyH4GNosYlP4YJbP8s0gsNx0SfKNZcp_IL9cEgJU80RAhq9pZ9ecVB0XfeDwd3k4wR8ZKAsRw
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1723770328298721
content-length
2958
server
UploadServer
UISuite.js
lpcdn.lpsnmedia.net/le_re/3.61.0-release_1396603402/jsv2/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.61.0-release_1396603402/jsv2/UISuite.js?_v=3.61.0-release_1396603402
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
940af9f2b22109831e80014bf6071cbd08f67e9623804a9b19a0467589046d9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=vyKrSw==, md5=iUFvgKQzwQVwF4GCanS7Qg==
content-encoding
br
age
586
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
29322
date
Wed, 16 Oct 2024 13:14:34 GMT
last-modified
Fri, 16 Aug 2024 01:05:28 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1ISYbOeSFdr7rZQ2gQQh8qF5n60Qh9IJ_wsymXDl97nITlOp9KNX__gFyEaLZtsSXdvcA
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1723770328315029
content-length
9298
server
UploadServer
297
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4159152138/engagements/4159163138/revision/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4159152138/engagements/4159163138/revision/297?v=3.0&cb=lp4159163138&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
d2e0576f8b48460b31fa1eafa575074dd97b8f87bbc83a9d521a4bb1f3467dde
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
212
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4161029838/engagements/4161032438/revision/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4161029838/engagements/4161032438/revision/212?v=3.0&cb=lp4161032438&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
d506d20332ddbf0f163939d1292824a622be3be1a29fd946f2b2f24c0a040b1f
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
236
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4143577938/engagements/4157738438/revision/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4143577938/engagements/4157738438/revision/236?v=3.0&cb=lp4157738438&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
4c9edc3c713c8ec751ae4c148c5e58d0dfb7fce5baf2366ad85dbfa257c6f324
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
85467047
va.v.liveperson.net/api/js/ 		111 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?sid=s8wZDgf9QaKJ8YHP4OoRVg&cb=lpCb95376x90682&t=pl&ts=1729085056686&pid=1831620166&tid=7714840776&vid=Y5MThhN2ZkMWEwMTMwY2U4
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
77a51e951d095b7e1557556514d0f335331c37504a52a1b1986e8673d188794b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
22888412
accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/22888412?cb=lpCb64708x18657
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
d7fb277e5f6f14f84cf6acb063f8a041a54ff011adc1bf12f680ee0bce7696ee
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
3613883738
accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/3613883738?cb=lpCb75271x32339
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
286b41e2c4db235190ed8af655a443cc3a48e93cd718d3f47c14bd271a13ba10
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
85467047
va.v.liveperson.net/api/js/ 		41 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?sid=s8wZDgf9QaKJ8YHP4OoRVg&cb=lpCb2749x90980&t=uc&ts=1729085060471&pid=1831620166&tid=7714840776&vid=Y5MThhN2ZkMWEwMTMwY2U4&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4159152138%2C%22engId%22%3A4159163138%2C%22revision%22%3A297%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
dee58973287ce0e25b22d97883e323ebc486931ea8312c752727b8f65ad4114c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
22888412
accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/22888412?cb=lpCb4803x67642
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
e67e9e368e7cd2388c26a924bba5dd02dd5e3f7cb2760ac992ab12a8d3c462d4
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:25:20 GMT
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
85467047
va.v.liveperson.net/api/js/ 		42 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?sid=s8wZDgf9QaKJ8YHP4OoRVg&cb=lpCb99939x95055&t=uc&ts=1729085060492&pid=1831620166&tid=7714840776&vid=Y5MThhN2ZkMWEwMTMwY2U4&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4161029838%2C%22engId%22%3A4161032438%2C%22revision%22%3A212%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%222%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
482cf879c2e465173d991738c13f36129a4f0f316be8b043b8f9b1fbe83d792b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
85467047
va.v.liveperson.net/api/js/ 		42 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/85467047?sid=s8wZDgf9QaKJ8YHP4OoRVg&cb=lpCb94839x57780&t=uc&ts=1729085060596&pid=1831620166&tid=7714840776&vid=Y5MThhN2ZkMWEwMTMwY2U4&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4143577938%2C%22engId%22%3A4157738438%2C%22revision%22%3A236%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%223%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
0c8fc7da930d6d230809d06c36ab6862c8b44ebf38f943a849d270f43e942c73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.midwestheritage.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Wed, 16 Oct 2024 13:24:20 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.midwestheritage.com
URL
blob:https://www.midwestheritage.com/f257df3c-5133-494c-8adb-e3ec8a03d45c

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| lpTag object| FontAwesomeKitConfig number| uidEvent object| bootstrap object| _wpemojiSettings function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| LO object| gforms_recaptcha_recaptcha_strings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| lpTaglogListeners object| proxyless object| lpMTagConfig object| recaptcha function| createFrameworkGlobals object| liveperson function| SurveyManager object| STORAGE object| proto function| _stateChanged string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals object| megamenu object| closure_lm_337360 object| twemoji object| wp

7 Cookies

Domain/Path Name / Value
.midwestheritage.com/ Name: _gcl_au
Value: 1.1.1889640292.1729085056
.midwestheritage.com/ Name: _gid
Value: GA1.2.392669099.1729085056
.midwestheritage.com/ Name: _dc_gtm_UA-28493477-1
Value: 1
.midwestheritage.com/ Name: _ga_HX2TBTCBEV
Value: GS1.1.1729085056.1.0.1729085056.60.0.0
.midwestheritage.com/ Name: _ga
Value: GA1.1.676310624.1729085056
.midwestheritage.com/ Name: LPVID
Value: Y5MThhN2ZkMWEwMTMwY2U4
.midwestheritage.com/ Name: LPSID-85467047
Value: s8wZDgf9QaKJ8YHP4OoRVg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
midwestheritagebank.com
region1.analytics.google.com
settings.luckyorange.com
stats.g.doubleclick.net
tools.luckyorange.com
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.mhbank.com
www.midwestheritage.com
www.midwestheritage.com
142.250.185.227
142.250.185.99
142.250.186.100
142.250.74.196
172.67.147.60
172.67.189.188
172.67.190.56
178.249.97.23
178.249.97.99
2001:4860:4802:32::36
208.89.12.87
216.58.206.35
2600:9000:2057:da00:18:6c16:27c0:93a1
2606:4700:4400::ac40:93bc
2a00:1450:4001:811::200e
2a00:1450:4001:813::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c0a::9a
2a04:4e42:200::485
34.107.203.234
34.120.154.120
08b99d2e3e654e15e090d54a61f693a1f14ffb634d7e6c6d4e8e7ab805a64409
0b0afc01c279aaddc65cc12560c0dc0a3ab0b3cbe2e20882ead37d85697df308
0c8fc7da930d6d230809d06c36ab6862c8b44ebf38f943a849d270f43e942c73
1271b0938802a844492c6c6be29a71c6f330d5dae96d2c97fb024da47b6b02f6
1523fff790bea7f4aa0a4f0da92e18620fd0b837e7cbd5bfd6fdaa9ad1d356d8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22ffdeb96962f183bfb82158f515fdaeff9eb9a589812e0272cb1a9f99579aa5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
286b41e2c4db235190ed8af655a443cc3a48e93cd718d3f47c14bd271a13ba10
2a5b4be3e2c658c1b01707d4d0a1c1188be1a6dcd0ec5d6a1147b1e10f4cbe67
2ae29795259aa3935fcd749a45550a95efcfaa49ad188458e9d51fae94ff44ee
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c
331b70010ec8aa41336c8ee8910cbb1ee5f8c0558c0eaf470305aeb227d5f98a
38f7774596cd15ebd026074cde2dd12d98a81af30a70aecec689e9899efef0a6
3b0944dfea209566c3a89112514ffa483a8518bcdd8b3f0fab9ad70a08215a97
3b87c0ab1a296a9465421ba9ab0d06134796a226f8c251398919a815ab835636
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
46fe1941fac77d5960dce1326434eead9c7a46f9d203fc10c89bf4645121f2f9
482cf879c2e465173d991738c13f36129a4f0f316be8b043b8f9b1fbe83d792b
4944eb19b4c4b1d44b2e4007e2365ef89006e1592df7d05d70c429cbc14ad6b2
49ec29f9bdc5f2faedaf591cac400acf98c5d5954913bd8deaf7a39a7da366ab
4c9edc3c713c8ec751ae4c148c5e58d0dfb7fce5baf2366ad85dbfa257c6f324
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5bead95a66fd89fd5b1c01e62923e5ad1da07580cb25df5b3cdd73664387ded2
5cb6aa0203dbb36ce826e919413d044d2570cf48895c77607579cd5422de93e8
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
68485c1de649ab07654b44910ab22b746dab5f400810d107d7995e56d4d88fbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9543291bc76dc3d6a7dbb8b400bb38ad6bb75f295620eee526713813f7ed0a
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6ec0004e9601ef913aa70f9aedc379061eb83eff6a8b5ec263c27e0a8d6fdc0d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
77a51e951d095b7e1557556514d0f335331c37504a52a1b1986e8673d188794b
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
842f1cd528ab5c5524c3823905278316eb5fdac0b18fcfa12a191c322acfda5d
8637a49c03e14812f879ff37a81e18684bf001dbd57b50f2979d3da548a9c710
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
9025feddce1a4a3c462a065ba790540331b4315dc0f78076553d212f97aca360
92362377d94ba28a637cf0e5540486b59d01a9dde3f194fc2a00be1efc79d42f
940af9f2b22109831e80014bf6071cbd08f67e9623804a9b19a0467589046d9a
98ca0828ad21846424380e6270d18e9ead312fed16e86c23690c64799ecec25f
9d09f3ead7e4109398613a1421afee922288a37c4d54dc85bbea7a07cd9dd20e
9dd27b9a8048aa16ee9080e709b5ccaa41a49395bd24a81242acd2624c8b31ed
9f5b86efd288bf40b4d94f5e4b0bd436ec560484ea46888e998eb2d54095765c
a1150723cf07153e2eb8681135913424b8e3bbec221536539adf7e3d0841928d
aa1868357fc83eff44389e51d731eb4580c52646b259e49f9e692e4a24882ab8
ae79f4527706f23ebaaf2b92ff1013c85fa6492ec88b051cff8e42f2e45bb6b8
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
b2e1893a2461579a6234295045d238d4217d4ead509cedff5ded91a09f51fdf5
baedbe79b629b2650542bc6671300a75fc88aaacdfa3faed4975591fefaffa56
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c379d251642d9699b8daa9819253a33c45d1f5fa545fab3d854d8b76c609e63f
c58f7803ad28ceaa9111101f40aa36df0ac7fe9690549e654a7a060354b95355
c786995bf890f9ed1a8b1f75ac9db975905b2bad0c88421ebbbc56cf62ea2327
c9563278d26f583e72e50d7b6bf2dec52fb49347c1c5a7620f303e6c212d31bd
c985a3b656752b398e449d181229abb40cb6a1d50b0a14a7b375edd488f7e6e6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4fe5429f4540e449f7bfc678c3daa5c1cd63445a218dc1ea929ecbf4d5f1da
d2e0576f8b48460b31fa1eafa575074dd97b8f87bbc83a9d521a4bb1f3467dde
d506d20332ddbf0f163939d1292824a622be3be1a29fd946f2b2f24c0a040b1f
d7fb277e5f6f14f84cf6acb063f8a041a54ff011adc1bf12f680ee0bce7696ee
db5ba5b8a1b6ba0b77ce7c5711797d839feced4aa3a3140009d46bd19e81362f
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de77aed14166ff6c0bee39653090b8cc6eaa2230de83630de11ebfc5f108fa46
dee58973287ce0e25b22d97883e323ebc486931ea8312c752727b8f65ad4114c
dfd6a26b69807c78fe2978086588346e519de4fb087d32e02d5b9e2187cef2f8
e2cfcedba40b99655db54cb6bab8d7eedefb7b6d531da46a1276b6a8dba686c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5588ce889d6a0560724bababe001d0d69f84b8d3ef0c713fe3edc1c439c12ea
e67e9e368e7cd2388c26a924bba5dd02dd5e3f7cb2760ac992ab12a8d3c462d4
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
fd30c4a7fb3732d8d1741ce0a3c67d20c67d41332d571931f7bbfc7f7040ed72