heritageaction.com Open in urlscan Pro
2606:4700:20::681a:819 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heritageaction.com/
Effective URL:
https://heritageaction.com/
Submission: On November 21 via manual (November 21st 2023, 6:31:43 pm UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 62 HTTP transactions. The main IP is 2606:4700:20::681a:819, located in United States and belongs to CLOUDFLARENET, US. The main domain is heritageaction.com. The Cisco Umbrella rank of the primary domain is 791671.
TLS certificate: Issued by GTS CA 1P5 on November 19th 2023. Valid for: 3 months.

This is the only time heritageaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:20:... 2606:4700:20::681a:819	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:440... 2606:4700:4400::6812:21b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
2	184.31.85.59 184.31.85.59	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	178.128.135.233 178.128.135.233	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
62	19

5 2606:4700:20::681a:819 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

heritageaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::6812:21b8 (United States)

ASN13335 (CLOUDFLARENET, US)

hafa.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.85.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-85-59.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.96.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab04.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

824-mht-304.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o60658.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.233 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 21222	78 KB
9	digitaloceanspaces.com hafa.nyc3.cdn.digitaloceanspaces.com	912 KB
6	marketo.com app-ab04.marketo.com — Cisco Umbrella Rank: 173084	145 KB
5	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5303 api.omappapi.com — Cisco Umbrella Rank: 5594 z.omappapi.com — Cisco Umbrella Rank: 12893	38 KB
5	heritageaction.com 1 redirects heritageaction.com — Cisco Umbrella Rank: 791671	1 MB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	494 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	158 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	sentry.io o60658.ingest.sentry.io — Cisco Umbrella Rank: 876400	478 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	131 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3497	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	903 B
1	mktoresp.com 824-mht-304.mktoresp.com — Cisco Umbrella Rank: 222356	318 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 68
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4015	28 KB
62	16

	Domain	Requested by
16	a.opmnstr.com	heritageaction.com a.opmnstr.com
9	hafa.nyc3.cdn.digitaloceanspaces.com	heritageaction.com
6	app-ab04.marketo.com	heritageaction.com app-ab04.marketo.com
5	heritageaction.com	1 redirects heritageaction.com
4	www.facebook.com	1 redirects heritageaction.com
4	connect.facebook.net	heritageaction.com connect.facebook.net
3	a.omappapi.com	a.opmnstr.com browser.sentry-cdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	o60658.ingest.sentry.io	browser.sentry-cdn.com
2	www.google-analytics.com	heritageaction.com www.google-analytics.com
2	www.googletagmanager.com	heritageaction.com www.google-analytics.com
2	munchkin.marketo.net	heritageaction.com munchkin.marketo.net
1	z.omappapi.com	browser.sentry-cdn.com
1	fonts.googleapis.com	a.opmnstr.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api.omappapi.com	browser.sentry-cdn.com
1	824-mht-304.mktoresp.com	munchkin.marketo.net
1	www.youtube.com	heritageaction.com
1	browser.sentry-cdn.com	heritageaction.com
62	19

This site contains links to these domains. Also see Links.

Domain
donate.heritageaction.com
www.heritage.org
keyword-connect.com
saveourschools.com
saveourelections.com
esghurts.com
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
heritageaction.com GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-04`	a year	crt.sh
a.opmnstr.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
app-ab04.marketo.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
a.omappapi.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
z.omappapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://heritageaction.com/
Frame ID: 438AFB41969BEECE7EC04EFC928FB3BD
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/443NZ_0gy0Q?wmode=transparent&autoplay=1&rel=0&modestbranding=1
Frame ID: C7886FE86CFE29BE52921793B95E5EF3
Requests: 1 HTTP requests in this frame

Frame: https://app-ab04.marketo.com/index.php/form/XDFrame
Frame ID: 92C7A04C3AAFDB7C1969510CA52343BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Heritage Action For America

Page URL History Show full URLs

http://heritageaction.com/ HTTP 301
https://heritageaction.com/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

62
Requests

98 %
HTTPS

67 %
IPv6

16
Domains

19
Subdomains

19
IPs

3
Countries

3001 kB
Transfer

8731 kB
Size

13
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.heritageaction.com/storefront/
Title: Shop

Search URL Search Domain Scan URL

URL: https://donate.heritageaction.com/
Title: DONATE

Search URL Search Domain Scan URL

URL: https://www.heritage.org/fighting-for-americas-future
Title: Read our seven-point agenda

Search URL Search Domain Scan URL

URL: https://keyword-connect.com/s/?q=Washington
Title: Washington

Search URL Search Domain Scan URL

URL: https://donate.heritageaction.com/donate
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://saveourschools.com/

Search URL Search Domain Scan URL

URL: https://saveourelections.com/

Search URL Search Domain Scan URL

URL: https://esghurts.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/Heritage_Action

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heritageforamerica/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HeritageForAmerica

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heritageaction/

Search URL Search Domain Scan URL

URL: https://www.heritage.org/
Title: The Heritage Foundation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heritageaction.com/ HTTP 301
https://heritageaction.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.facebook.com/tr/?id=955848961510457&ev=PageView&dl=https%3A%2F%2Fheritageaction.com%2F&rl=&if=false&ts=1700591497650&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700591497542.1495414828&ler=empty&it=1700591497168&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fheritageaction.com%2F&ec=0&ev=PageView&fbp=fb.1.1700591497542.1495414828&id=955848961510457&if=false&it=1700591497168&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1700591497650&v=2.9.138

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heritageaction.com/
Redirect Chain

http://heritageaction.com/
https://heritageaction.com/

51 KB
13 KB

352ms
253ms

Document
text/html

2606:4700:20::681a:819
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:819 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Craft CMS

Resource Hash

155061c25225c032f5030bcfde8964d8d6f4349a6500378f73edb99d462358c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, s-maxage=31536000, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 829b02b25dfe4da4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 18:31:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAkqTmJcdRwAGuMndLW5uQjBkHQlvq2zrUK5D6qxMNqEsFm8RKEPUr4DqWAlM97Cty%2B3Loy1ICGR%2FXdFN2RctGRxA6nme7ShuvDgca2tzlXBNi6cR2w%2F5Ld842AuDbykndQdhGhv5Ynuyv37kTMUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 829b02b15ffb2c62-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 21 Nov 2023 18:31:35 GMT
Expires: Tue, 21 Nov 2023 19:31:35 GMT
Location: https://heritageaction.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PIlKMHfb3%2Fqxz76N2BVDUmnRiux%2Fh6I%2F%2BwKUmnqq%2BeziorAezQbyysHQK3aN0Ez3Fe0x%2BVxDDipqJJfQLXYznatieyd%2Bew2F0po6TOdaN2SRJTi9%2FBQQjes8bR1Y4s8mhxHkuIN9kXbjm5yIRXKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 app.css
heritageaction.com/css/ 423 KB
75 KB 61ms
59ms Stylesheet
text/css 2606:4700:20::681a:819
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heritageaction.com/css/app.css?id=0170756e98d22908ca16e78c9b1345cb

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:819 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3034363efff30e216fdf286e8d4b2d8c87ba12403e72a14247bc346a6c4358d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6076
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Oct 2023 17:16:11 GMT
server: cloudflare
etag: W/"653fe4db-69cd9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQLBGtxVDj0gMD52JmuiUd4vYSpWCIwW8BdnZhRMXi2J4LYqNi37hHs87r4Jd%2BM6%2Fe0bGdaA1mwCEd31X%2Fi3fNineUssUvwZ5aDWDMS1kzrDFH5iqkco66tpVSF6i4n%2FqNRsIZi%2BUCd07Jq6byoBhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 829b02b3f81d4da4-FRA

GET
H2 200 v3.css
heritageaction.com/css/ 153 KB
29 KB 59ms
58ms Stylesheet
text/css 2606:4700:20::681a:819
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heritageaction.com/css/v3.css?id=1317faa0b532c483c55c816bca78cca9

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:819 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1047951411859aedf48b5a20d7af2efcd4226217bd0d0589a23ebdd59c56ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6076
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Oct 2023 17:16:11 GMT
server: cloudflare
etag: W/"653fe4db-26251"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7umzEQURXHNOVoZ4Xaa3%2FFeUmBsBurtyBFoxxB6ijtcE%2B%2FWaW9SQ3pV3hAPw2LrJXIKj01zBRB4cD1fNlvmAFYQalT4b%2FZORqbSChBpt56wtCmy3BRtMg8yKMVp1tHoMwenQcjqmqeZFe%2Bcnf7VdlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 829b02b3f8204da4-FRA

GET
H2 200 Secure-the-Border.png
hafa.nyc3.cdn.digitaloceanspaces.com/assets/_640x480_crop_center-center_none/ 321 KB
322 KB 295ms
157ms Image
image/png 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/_640x480_crop_center-center_none/Secure-the-Border.png

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186fb8e6ecdeeaf48020f569ae152dcf5eaf2525cd2aaaebc16ce02c6cf637d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000060ff284c-006557cfb2-4d33653d-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 329124
last-modified: Tue, 28 Mar 2023 16:24:45 GMT
server: cloudflare
etag: "3c9bafb20d26ee0ec050174a537277ee"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
cf-ray: 829b02b4def7364f-FRA

GET
H2 200 police-pledge-logo-400.svg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/ 25 KB
8 KB 339ms
200ms Image
image/svg+xml 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/police-pledge-logo-400.svg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed72b51b817a86a5a74311951fcee9061524e08dd895bd1bcf50ef0f70355176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Nov 2023 15:03:25 GMT
server: cloudflare
x-amz-request-id: tx000000000000060fff373-006557cfb2-4d30364f-nyc3b
etag: W/"808509ddaa894a50bc4c8fc97f4730bf"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 829b02b4cef0364f-FRA

GET
H2 200 schools-logo-400.svg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/ 9 KB
4 KB 226ms
201ms Image
image/svg+xml 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/schools-logo-400.svg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b063340043e47f5cf67a5121bc3199765abbdd829c3d66d055bb23edf718230a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Nov 2023 15:03:20 GMT
server: cloudflare
x-amz-request-id: tx000000000000060ff2886-006557cfb3-4d33653d-nyc3b
etag: W/"1b47b1ca461faa75c43bc98ec38767e3"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 829b02b4defa364f-FRA

GET
H2 200 elections-logo-400.svg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/ 14 KB
3 KB 451ms
426ms Image
image/svg+xml 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/elections-logo-400.svg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d56d83622570782ff69e654a6f90c81271f6c207d27b4bd704f8bdb5c91888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Nov 2023 15:03:22 GMT
server: cloudflare
x-amz-request-id: tx000000000000060ff2a05-006557cfb3-4d35fff7-nyc3b
etag: W/"c7411287e0ef55366870ff07a35671c2"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 829b02b4def8364f-FRA

GET
H2 200 Asset-1.svg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/ 675 KB
270 KB 267ms
243ms Image
image/svg+xml 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/_logoCloud/Asset-1.svg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72bfd89c83a0feaa119c6b84f75fc2b9a38a8d8ccca0e35858500fd985c8b42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Nov 2023 15:03:28 GMT
server: cloudflare
x-amz-request-id: tx000000000000060ff327e-006557cfb3-4cff3ece-nyc3b
etag: W/"09d065d01dbb1213ba33abf007e3c3e8"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 829b02b4defb364f-FRA

GET
H2 200 app.js Show response
heritageaction.com/js/ 5 MB
1 MB 167ms
166ms Script
application/javascript 2606:4700:20::681a:819
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heritageaction.com/js/app.js?id=3a0b6e153e8b5843daf44a81e11c1012

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:819 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34a893380600818dd9b2737a64a3acb09ace84e4e777cb746f0dafba9c2c701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 30 Oct 2023 17:16:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653fe4db-4c5c66"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZQoFNz84hH3HVF5RzaLinvzLluNeL3HxYF7r4hIzLCRv6NEquhw%2FQxw8nLVMaNkfmAXL8JaaUSrvA3f5wIWzpZTjSl1flHD0JDDQzbCfXfDjheestlVh00AFJ5liXeJkcGw36OLLS%2BKGaJDBjWorw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 829b02b4a9204da4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 51 KB
18 KB 582ms
95ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: heritageaction.com
URL: https://heritageaction.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b18b7934fcad866d7a86f35e082d61323a9417ef10ded37e30c710dae0d38df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Wed, 08 Nov 2023 17:53:19 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654bcb0f-cb9a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 36795d7a31770903a785d4d20ffee251
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.3.5/ 91 KB
28 KB 546ms
58ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

95452478d798faa9db5f23a8cf358c1e82f3082fc8104679b7eb73f75c287427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heritageaction.com/
Origin: https://heritageaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 30 Apr 2021 13:15:51 GMT
server: Fastly
age: 3032449
etag: "3abdd6e4253eae66b666d0886a4950a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28391
expires: Thu, 19 Sep 2024 07:58:01 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 534ms
48ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: heritageaction.com
URL: https://heritageaction.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 18:31:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
47 KB 549ms
62ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3QX48X

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cff876d2cbba6ba93ca4875868a25ca037ad4364d68626b9374d28106e8354b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47643
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 18:31:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 514ms
42ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 18:31:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JTVrsfUCVr0iPzL3+MbrQd2DULfrvYNKjya8gzrkZd1TF/pLHcu1xXfu2XZDgocN0Vtq8Ph639AQpey7Q3439g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 264ms
45ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 17:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 21 Nov 2023 19:19:54 GMT

GET
H2 200 443NZ_0gy0Q
www.youtube.com/embed/ Frame C788 0
0 615ms
130ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/443NZ_0gy0Q?wmode=transparent&autoplay=1&rel=0&modestbranding=1

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heritageaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 join-fight_190528_210541.jpg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/ 21 KB
21 KB 208ms
201ms Image
image/jpeg 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/join-fight_190528_210541.jpg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a30e2ec2704a73e0503ac8c1969842fc52f05351e86a7feba35daa011be484f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000060ff2898-006557cfb3-4d3039d8-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 21357
last-modified: Wed, 16 Jun 2021 14:07:04 GMT
server: cloudflare
etag: "2a21fdbd62a2af5627cb86e48e9216f0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 829b02b4defd364f-FRA

GET
H2 200 sentinel-1_190528_210408.jpg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/ 193 KB
193 KB 217ms
205ms Image
image/jpeg 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/sentinel-1_190528_210408.jpg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6214ed4c7b8b8b0695d5c7b064583eaf0f636359bfc1063126cb49cb7be87c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000060fff4f4-006557d03b-4d3039d8-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 197522
last-modified: Wed, 16 Jun 2021 14:04:46 GMT
server: cloudflare
etag: "b8d888d9f803e790f6f6623d60d30bf7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 829b02b668ed364f-FRA

GET
H2 200 take-action_190528_210444.jpg
hafa.nyc3.cdn.digitaloceanspaces.com/assets/ 20 KB
20 KB 187ms
176ms Image
image/jpeg 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/assets/take-action_190528_210444.jpg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a563386351f9309ff24a4fe265f01196b583177ff6b8bfbcd691e92781bb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000060fff515-006557d03b-4d33653d-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 20308
last-modified: Wed, 16 Jun 2021 14:04:29 GMT
server: cloudflare
etag: "dcd1b56d11baaab8684ea32b949e01bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 829b02b668ef364f-FRA

GET
H2 200 HAFA_yourMembers.jpg
hafa.nyc3.cdn.digitaloceanspaces.com/congress/ 68 KB
69 KB 85ms
74ms Image
image/jpeg 2606:4700:4400::6812:21b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hafa.nyc3.cdn.digitaloceanspaces.com/congress/HAFA_yourMembers.jpg

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48047a9a98e496733ee9e108874bdbf347154c21b0137f8e0a9746b11864157

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000060fff4fc-006557d03b-4d3039d8-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 70069
last-modified: Fri, 01 Nov 2019 19:11:27 GMT
server: cloudflare
etag: "86dc03a9adc52ae1c6e5d13db3d5878f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 2c77dafc-ca5b-4f99-a706-d28f4c212ac1
x-rgw-object-type: Normal
cache-control: max-age=28800, must-revalidate
accept-ranges: bytes
cf-ray: 829b02b668f1364f-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 46ms
46ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 18:31:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 29 Feb 2024 18:31:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 49ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=213647194&t=pageview&_s=1&dl=https%3A%2F%2Fheritageaction.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Heritage%20Action%20For%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2093670942&gjid=1394722374&cid=1357913741.1700591497&tid=UA-16902633-8&_gid=1901137087.1700591497&_r=1&_slc=1&z=1829715240

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e4caed5b501091ffcdd32b8110abef32f8c2b35ebb008138503c21f978c1254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 18:31:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.min.js Show response
app-ab04.marketo.com/js/forms2/js/ 208 KB
70 KB 287ms
67ms Script
application/x-javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab04.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/js/app.js?id=3a0b6e153e8b5843daf44a81e11c1012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ff9c0c443a9050137759816c352d43e96a673bb4023c2ba231cdbed6fe6f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 05:14:57 GMT
server: cloudflare
age: 475
etag: "2fc1fbe-3414b-607f6b86fa076"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 829b02ba7c5e4db0-FRA
expires: Tue, 21 Nov 2023 22:31:37 GMT

POST
H/1.1 200
OK visitWebPage
824-mht-304.mktoresp.com/webevents/ 2 B
318 B 818ms
126ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://824-mht-304.mktoresp.com/webevents/visitWebPage?_mchNc=1700591497135&_mchCn=&_mchId=824-MHT-304&_mchTk=_mch-heritageaction.com-1700591497134-20259&_mchHo=heritageaction.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 18:31:37 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 597d8cc4-a493-4d92-b9c1-3422d2bb399d

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 775ms
295ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 85016d81a1b51d8867123c56433b2e638844aac2e3dfe64fd79acc1f11c6f983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Wed, 08 Nov 2023 17:53:44 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654bcb28-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 66c9d3f6f6e0543067547e360390ef6d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 61447 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 240ms
139ms XHR
application/json 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/61447?d=heritageaction.com
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 6cf6a02745f04d55883fef3ed25177aebb3e9e11db85c6d310807d3803770e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 69209
x-user-agent: standard--
last-modified: Mon, 03 Apr 2023 20:31:36 GMT
server: Pagely Gateway/1.5.1
etag: W/"8ea99f38b44be6924873969348099922"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: crUPt_qkXv6qjpolunGB_RqAsgO8NWyPktCTwDjLSlxhzhAvMKBBJA==
expires: Tue, 21 Nov 2023 18:21:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B6KRKX65NF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f862a01d7a18af184a3408e8e745eba7b1effba42b7b42ee51d9a1454d17ba3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 18:31:37 GMT

GET
H2 200 566242140145878 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 98ms
98ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/566242140145878?v=2.9.138&r=stable&domain=heritageaction.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03a9755cba5c0eb95142f6b51085f53e4714697a80eb244bf241c547f1fff4a6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BEspRunDXYqYyX23HkrBqxmbl/JtX7dcFLUw/7lgM78N/uls0JH4A4abJTHxeAwRJ3nWXRGhUFVAv5gWutoMig==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
o60658.ingest.sentry.io/api/6247534/store/ 41 B
373 B 203ms
50ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o60658.ingest.sentry.io/api/6247534/store/?sentry_key=5911589d325e4dc18728517ee3ddba2c&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

51c36ed8ad7b4df950de8fd1e711c7dbb7dc566f77b5674cd0e5a52e499b7b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 217ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B6KRKX65NF&gtm=45je3b81v9125670932&_p=1700591496408&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1357913741.1700591497&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fheritageaction.com%2F&dt=Home%20%7C%20Heritage%20Action%20For%20America&sid=1700591497&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1550
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B6KRKX65NF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 18:31:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 521982118334171 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 127ms
94ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/521982118334171?v=2.9.138&r=stable&domain=heritageaction.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fab87c1c832760ef2d6dc2fd17730ae19d89d553063408e5c8b26e7fc6ac6264

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: qk5PdRrkJgcEWmbN6g9d190+oId2FAoA3mdxtWXD/a1Aj6/Kwtv13T/Uin6pi3hAWcr/DRL+OCWF3y9+mBl4CQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5.c3191d3c.min.js Show response
a.opmnstr.com/app/js/ 16 KB
6 KB 177ms
131ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395456-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5a5afeb3fe0b3f447f236748d574cc7d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 getForm Show response
app-ab04.marketo.com/index.php/form/ 5 KB
2 KB 625ms
625ms Script
application/javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-ab04.marketo.com/index.php/form/getForm?munchkinId=824-MHT-304&form=2331&url=https%3A%2F%2Fheritageaction.com%2F&callback=jQuery112405715809846581124_1700591497470&_=1700591497471
Requested by: Host: app-ab04.marketo.com
URL: https://app-ab04.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81c5efc8d76550eb948cb0f24d57a5a44aac401d7e34b5f3783a9b5e10a08f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 6da0#18bf326f1a1
x-marketo-source: Form Service
cf-ray: 829b02bb5da04db0-FRA
cached: false

GET
H3 200 955848961510457 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 98ms
98ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/955848961510457?v=2.9.138&r=stable&domain=heritageaction.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b29ad04ca3603f3d836454a3de7c7641495a26562fcdf323b23481eba70807

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: yoNaqDRRPE+MnTmGSpZD0OeY6jmtfwkwkPxENX5exBaxH4a+sflAcZ7Ie1UqVUQ3LKUS5Q+aYyvATpWaXgWj4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 121ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=566242140145878&ev=PageView&dl=https%3A%2F%2Fheritageaction.com%2F&rl=&if=false&ts=1700591497543&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700591497542.1495414828&ler=empty&it=1700591497168&coo=false&rqm=GET

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 120ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=PageView&dl=https%3A%2F%2Fheritageaction.com%2F&rl=&if=false&ts=1700591497545&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700591497542.1495414828&ler=empty&it=1700591497168&coo=false&rqm=GET

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 4.1dae6b4d.min.js Show response
a.opmnstr.com/app/js/ 48 KB
14 KB 149ms
149ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:10 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ea-c029"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 13318976b6e4060a6ddc44df110e1a2b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=955848961510457&ev=PageView&dl=https%3A%2F%2Fheritageaction.com%2F&rl=&if=false&ts=1700591497650&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.170059149754...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fheritageaction.com%2F&ec=0&ev=PageView&fbp=fb.1.1700591497542.1495414828&id=955848961510457&if=false&it=1700591497168&ler=empty&o=4126&r=stab...

0
31 B

40ms
39ms

Image
text/plain

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fheritageaction.com%2F&ec=0&ev=PageView&fbp=fb.1.1700591497542.1495414828&id=955848961510457&if=false&it=1700591497168&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1700591497650&v=2.9.138

Requested by

Host: heritageaction.com
URL: https://heritageaction.com/

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 18:31:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 18:31:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fheritageaction.com%2F&ec=0&ev=PageView&fbp=fb.1.1700591497542.1495414828&id=955848961510457&if=false&it=1700591497168&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1700591497650&v=2.9.138
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 20.1d4b97e9.min.js Show response
a.opmnstr.com/app/js/ 4 KB
2 KB 142ms
142ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6a9af81a751f1d6b7ce8023860d28e91
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.opmnstr.com/app/js/ 4 KB
3 KB 113ms
112ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/19.b93023b7.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a1c969161d245a7286279f448197d418
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.opmnstr.com/app/js/ 6 KB
3 KB 137ms
136ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/27.78393e5b.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5b50da1907dc5fa0a251b375d2223e34
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.opmnstr.com/app/js/ 11 KB
5 KB 109ms
109ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/32.b9065693.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: adadaa8c07d017c051323284ed621363
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.970fc188.min.js Show response
a.opmnstr.com/app/js/ 33 KB
10 KB 131ms
131ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/10.970fc188.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 17c637303b3f9d684a1cd953b7999c1c75dc76b644a82dccf29303710d3990af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:12 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ec-82ae"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c8fd0ca06ceb6ef56fd6900724a071dd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.opmnstr.com/app/js/ 7 KB
3 KB 397ms
397ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/0.514c5def.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3752956eedbac7e4c487142dc9fda76a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 106ms
106ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/9.c66ab701.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8e7d8f651905ebc3717892889137bcb2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 175ms
175ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/11.38e902ad.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 266f413650428ea00fadcb8200ba073d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 140ms
140ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/28.377be946.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 147f52b81213d8a88324080447f62f3d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.opmnstr.com/app/js/ 2 KB
1 KB 112ms
112ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/26.1898e425.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8b5e782045d3ca64a878e4cdd5641259
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.opmnstr.com/app/js/ 1 KB
1 KB 145ms
145ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8f2479b38976e2f40887fcb05cbf7b23
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.opmnstr.com/app/js/ 11 KB
3 KB 137ms
137ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/1.ea963399.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8e0f7efa1e78ac585c2a82d99019a57c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 189ms
189ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 11/21/2023 16:40:45
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 04da586154831016ed9494c22f2b8f7e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 / Show response
o60658.ingest.sentry.io/api/6247534/envelope/ 41 B
105 B 80ms
79ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o60658.ingest.sentry.io/api/6247534/envelope/?sentry_key=5911589d325e4dc18728517ee3ddba2c&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

61996ef9ae34283c9f9151f34267227408fb8c21ba3a168de44a725ebc129e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 forms2.css
app-ab04.marketo.com/js/forms2/css/ 13 KB
3 KB 63ms
63ms Stylesheet
text/css 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab04.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab04.marketo.com
URL: https://app-ab04.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
cf-cache-status: HIT
age: 5937
content-length: 2623
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
etag: "2fc0b48-3437-6064af724e200"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 829b02bfdc074db0-FRA
expires: Tue, 21 Nov 2023 22:31:38 GMT

GET
H2 200 forms2-theme-round.css
app-ab04.marketo.com/js/forms2/css/ 4 KB
1 KB 54ms
54ms Stylesheet
text/css 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab04.marketo.com/js/forms2/css/forms2-theme-round.css

Requested by

Host: app-ab04.marketo.com
URL: https://app-ab04.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
cf-cache-status: HIT
age: 5050
content-length: 968
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
etag: "2fc0b4a-e46-6064af724e200"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 829b02bfdc084db0-FRA
expires: Tue, 21 Nov 2023 22:31:38 GMT

GET
H2 200 XDFrame Show response
app-ab04.marketo.com/index.php/form/ Frame 92C7 2 KB
863 B 152ms
151ms Document
text/html 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab04.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab04.marketo.com
URL: https://app-ab04.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e2203bc85c267cc56022d430bea017eb3611cf1797d2c100aa5ed9acf82955d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://heritageaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 829b02c07cc94db0-FRA
content-encoding: gzip
content-length: 653
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 18:31:38 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
app-ab04.marketo.com/js/forms2/js/ Frame 92C7 208 KB
69 KB 58ms
58ms Script
application/x-javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab04.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-ab04.marketo.com
URL: https://app-ab04.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ff9c0c443a9050137759816c352d43e96a673bb4023c2ba231cdbed6fe6f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-ab04.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 05:14:57 GMT
server: cloudflare
age: 476
etag: "2fc1fbe-3414b-607f6b86fa076"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 829b02c17e6e4db0-FRA
expires: Tue, 21 Nov 2023 22:31:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
903 B 137ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 18:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 18:31:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 18:31:40 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 224ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heritageaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 341903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 19:33:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 228ms
44ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heritageaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:18:30 GMT
x-content-type-options: nosniff
age: 353590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:18:30 GMT

GET
H2 200 d1db11a473826cdc9738a6c1f776de99-optin.json Show response
a.omappapi.com/app/campaign-views/037908080056/cddcnozgjvurbmuju0fq/ 39 KB
11 KB 241ms
146ms XHR
application/json 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/037908080056/cddcnozgjvurbmuju0fq/d1db11a473826cdc9738a6c1f776de99-optin.json
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8cae5cdd56a51aa0ce70b6446aca8aeeb871ea500d7b3d305b3e8231587e379f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:40 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 11/21/2023 18:31:40
cdn-pullzone: 293267
last-modified: Fri, 19 May 2023 21:52:10 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6467ef8a-9c10"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 71a8043c544c8e447280d36a7c500864
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cc844e4b0d6f1680274752-Asset-1.png
a.omappapi.com/users/037908080056/images/ 21 KB
22 KB 182ms
182ms Image
image/webp 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/037908080056/images/cc844e4b0d6f1680274752-Asset-1.png?width=1200&height=1200
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: d83c71ad09b47c44dac3c8d181064f648b471d94dba842f69186b2d7503e5bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:31:41 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/21/2023 18:31:41
cdn-pullzone: 293267
content-length: 21826
last-modified: Fri, 19 May 2023 21:52:12 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6467ef8c-5542"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9f190483b846adc33bd3aa5fef103c51
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
248 B 488ms
130ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=61447&cid=cddcnozgjvurbmuju0fq&sid=5d39cd06311b3&rt=false&dv=desktop&cty=popup&url=&v=5
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.3.5/bundle.tracing.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/3.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heritageaction.com
Date: Tue, 21 Nov 2023 18:31:41 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 16
Server: kong/3.4.2
Connection: keep-alive
vary: Origin

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heritageaction.com/	1970-01-21 01:59:11	Name: _ga Value: GA1.2.1357913741.1700591497
.heritageaction.com/	1970-01-20 16:24:37	Name: _gid Value: GA1.2.1901137087.1700591497
.heritageaction.com/	1970-01-20 16:23:11	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 59V0seB4ZNM
.youtube.com/	1970-01-20 20:42:23	Name: VISITOR_INFO1_LIVE Value: OzCVTbHis7o
heritageaction.com/	1970-01-20 17:06:23	Name: activeCongressionalSession Value: 118
.heritageaction.com/	1970-01-21 01:59:11	Name: _mkto_trk Value: id:824-MHT-304&token:_mch-heritageaction.com-1700591497134-20259
heritageaction.com/	1970-01-21 01:59:11	Name: _omappvp Value: zBTVfeUZ3HnVFm95SiWukhKXoRg1pdwWWYe9IWJLHW64THPqcd3U3pPWamfdM2BBR0ESBwdf4Sy1ZK8wccfENcRArAlgJQzd
heritageaction.com/	1970-01-20 16:23:12	Name: _omappvs Value: 1700591497148
.heritageaction.com/	1970-01-21 01:59:11	Name: _ga_B6KRKX65NF Value: GS1.2.1700591497.1.0.1700591497.0.0.0
.app-ab04.marketo.com/	1970-01-20 16:23:13	Name: __cf_bm Value: LR0UaLS9ey7f1RyZKd.VwfJ9WzeQNV0WXFVETh5dDA8-1700591497-0-ASU17u/pFA0/mxo5/rRAmH3yJwH/WgCQJNBANiP20w4o0PdBldk9LE2zbGw2NXJfuJRBOHoUKiYdXUeGDbUZd+A=
.heritageaction.com/	1970-01-20 18:32:47	Name: _fbp Value: fb.1.1700591497542.1495414828
heritageaction.com/	1970-01-20 17:06:23	Name: omSeen-cddcnozgjvurbmuju0fq Value: 1700591501120

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

824-mht-304.mktoresp.com
a.omappapi.com
a.opmnstr.com
api.omappapi.com
app-ab04.marketo.com
browser.sentry-cdn.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hafa.nyc3.cdn.digitaloceanspaces.com
heritageaction.com
munchkin.marketo.net
o60658.ingest.sentry.io
region1.google-analytics.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
z.omappapi.com
104.16.96.80
178.128.135.233
18.66.112.19
184.31.85.59
192.28.144.124
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2606:4700:20::681a:819
2606:4700:4400::6812:21b8
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::729
34.120.195.249
03a9755cba5c0eb95142f6b51085f53e4714697a80eb244bf241c547f1fff4a6
155061c25225c032f5030bcfde8964d8d6f4349a6500378f73edb99d462358c7
17b29ad04ca3603f3d836454a3de7c7641495a26562fcdf323b23481eba70807
17c637303b3f9d684a1cd953b7999c1c75dc76b644a82dccf29303710d3990af
186fb8e6ecdeeaf48020f569ae152dcf5eaf2525cd2aaaebc16ce02c6cf637d8
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
3034363efff30e216fdf286e8d4b2d8c87ba12403e72a14247bc346a6c4358d0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44a563386351f9309ff24a4fe265f01196b583177ff6b8bfbcd691e92781bb04
492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d
51c36ed8ad7b4df950de8fd1e711c7dbb7dc566f77b5674cd0e5a52e499b7b68
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a30e2ec2704a73e0503ac8c1969842fc52f05351e86a7feba35daa011be484f
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
61996ef9ae34283c9f9151f34267227408fb8c21ba3a168de44a725ebc129e4e
6214ed4c7b8b8b0695d5c7b064583eaf0f636359bfc1063126cb49cb7be87c1b
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
68d56d83622570782ff69e654a6f90c81271f6c207d27b4bd704f8bdb5c91888
6cf6a02745f04d55883fef3ed25177aebb3e9e11db85c6d310807d3803770e49
6e2203bc85c267cc56022d430bea017eb3611cf1797d2c100aa5ed9acf82955d
72bfd89c83a0feaa119c6b84f75fc2b9a38a8d8ccca0e35858500fd985c8b42f
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
7cff876d2cbba6ba93ca4875868a25ca037ad4364d68626b9374d28106e8354b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85016d81a1b51d8867123c56433b2e638844aac2e3dfe64fd79acc1f11c6f983
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8c1047951411859aedf48b5a20d7af2efcd4226217bd0d0589a23ebdd59c56ab
8cae5cdd56a51aa0ce70b6446aca8aeeb871ea500d7b3d305b3e8231587e379f
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
95452478d798faa9db5f23a8cf358c1e82f3082fc8104679b7eb73f75c287427
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
b063340043e47f5cf67a5121bc3199765abbdd829c3d66d055bb23edf718230a
b18b7934fcad866d7a86f35e082d61323a9417ef10ded37e30c710dae0d38df4
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d34a893380600818dd9b2737a64a3acb09ace84e4e777cb746f0dafba9c2c701
d83c71ad09b47c44dac3c8d181064f648b471d94dba842f69186b2d7503e5bd0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48047a9a98e496733ee9e108874bdbf347154c21b0137f8e0a9746b11864157
e4caed5b501091ffcdd32b8110abef32f8c2b35ebb008138503c21f978c1254e
e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84
e6ff9c0c443a9050137759816c352d43e96a673bb4023c2ba231cdbed6fe6f52
ed72b51b817a86a5a74311951fcee9061524e08dd895bd1bcf50ef0f70355176
f81c5efc8d76550eb948cb0f24d57a5a44aac401d7e34b5f3783a9b5e10a08f6
f862a01d7a18af184a3408e8e745eba7b1effba42b7b42ee51d9a1454d17ba3c
fab87c1c832760ef2d6dc2fd17730ae19d89d553063408e5c8b26e7fc6ac6264

heritageaction.com Open in urlscan Pro 2606:4700:20::681a:819 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

67 %IPv6

16 Domains

19 Subdomains

19 IPs

3 Countries

3001 kBTransfer

8731 kBSize

13 Cookies

13 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heritageaction.com Open in urlscan Pro
2606:4700:20::681a:819 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

67 %
IPv6

16
Domains

19
Subdomains

19
IPs

3
Countries

3001 kB
Transfer

8731 kB
Size

13
Cookies

62 HTTP transactions
1 data transactions