urlscan.io logo urlscan.io
SecurityTrails logo

hgv.onboard.org Open in urlscan Pro
108.128.72.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Effective URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Submission: On November 23 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 1 domains to perform 26 HTTP transactions. The main IP is 108.128.72.146, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is hgv.onboard.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 3rd 2023. Valid for: a year.
This is the only time hgv.onboard.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 108.128.72.146 16509 (AMAZON-02)
4 18.66.112.101 16509 (AMAZON-02)
11 143.204.215.96 16509 (AMAZON-02)
4 18.245.60.58 16509 (AMAZON-02)
26 5
Domain Requested by
11 cdn1.onboard.org hgv.onboard.org
cdn1.onboard.org
5 hgv.onboard.org cdn1.onboard.org
4 cdn2.onboard.org hgv.onboard.org
4 fonts.onboard.org hgv.onboard.org
fonts.onboard.org
26 4

This site contains links to these domains. Also see Links.

Domain
www.onboard.org
Subject Issuer Validity Valid
*.onboard.org
Sectigo RSA Domain Validation Secure Server CA		 2023-10-03 -
2024-11-02		 a year crt.sh
fonts.onboard.org
Amazon RSA 2048 M02		 2023-10-18 -
2024-11-15		 a year crt.sh
cdn2.onboard.org
Amazon RSA 2048 M01		 2023-07-31 -
2024-08-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Frame ID: 8D6CEA507FCEE2E082CC7CEC5AFBFC62
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hoteliers - und Gastwirteverband | onboard

Page URL History Show full URLs

  1. https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748 Page URL
  2. https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Page Statistics

26
Requests

92 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

5
IPs

2
Countries

1666 kB
Transfer

7120 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748 Page URL
  2. https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
vGRqN748
hgv.onboard.org/dashboard/targets/target-sheets/ 		5 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
2504100c6ad59ce8f220e4584950038cd68f00daf975de3560b0733ae60cfea3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-RUi0vD8nbz4FtpzfT2kXPg=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
5576
Content-Security-Policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-RUi0vD8nbz4FtpzfT2kXPg=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 16:06:01 GMT
Etag
W/"2504100c6ad59ce8f220e4584950038c"
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700755562&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=g3RT08tbp%2BCyuUg9Z66%2Bbrm4sHX6IHPd9e5dpahYEDA%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700755562&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=g3RT08tbp%2BCyuUg9Z66%2Bbrm4sHX6IHPd9e5dpahYEDA%3D
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
e40a0150-c704-4ae9-a56d-6ce8d1238396
X-Runtime
0.019357
X-Xss-Protection
1; mode=block
roboto.400,500.css
fonts.onboard.org/ 		3 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.onboard.org/roboto.400,500.css
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
168cc0fbedbaf31c82336870c2e525bafb3f8fccebbd01f6c375895e168c8b4f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
z0hBPOsYA3g5yiTeINiqHGsD4_IAiKWi
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 09:05:17 GMT
last-modified
Mon, 24 Oct 2022 11:16:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
25376
x-amz-server-side-encryption
AES256
etag
W/"a1fe496df24560297a09d898fd587283"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
GW5wxqMFF2kcZ9sijs6HLTRU984vzd4DW58BFWd2i_jNlxcADx5osg==
application-dfb10a67c7f6bd5957ed0300840b5a849bc37830646a8dff14dd03f93b71d6a8.css
cdn1.onboard.org/assets/ 		762 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/application-dfb10a67c7f6bd5957ed0300840b5a849bc37830646a8dff14dd03f93b71d6a8.css
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
7a524cf4ee8a2d414e1844615f60a22557bc3b764eb9028ae50b0a427bb91246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:31:09 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
840893
x-cache
Hit from cloudfront
content-length
90577
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1699914670&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WShLe89sX1P9jNZcEklwRJeTp%2FFpkJR6NSf11Uk%2F8dU%3D
last-modified
Mon, 13 Nov 2023 22:21:18 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699914670&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WShLe89sX1P9jNZcEklwRJeTp%2FFpkJR6NSf11Uk%2F8dU%3D"}]}
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
6dwK6-oxVBxqkrCJcUQhyLVr96erITNj_WbBbUfpWMRjH2na7gYngQ==
custom_css.css
cdn1.onboard.org/assets/businesses/hgv/ 		0
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/businesses/hgv/custom_css.css?t=1700045438
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-k0dfJu4+6DzbS9aEjaER8w=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:44:45 GMT
content-security-policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-k0dfJu4+6DzbS9aEjaER8w=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
289278
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700466285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=MPkeOyKR0SZnerZcX8R1wvPC%2B3rFhjKXPJ041fHTarQ%3D
x-request-id
dea12e64-1499-4541-884d-da132ba38306
x-runtime
0.006110
referrer-policy
strict-origin-when-cross-origin
server
Cowboy
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700466285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=MPkeOyKR0SZnerZcX8R1wvPC%2B3rFhjKXPJ041fHTarQ%3D"}]}
content-type
text/css; charset=utf-8
vary
Origin
cache-control
max-age=31556952, public
x-amz-cf-id
8YAfq7mxjDN8yDZBeOEmdGaG6gonJJjm_as4Rz0VfYx_ieYseMVxGA==
HGV_Logo_Redesign18_Emblem_RGB.png
cdn2.onboard.org/uploads/business/logo/29/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.onboard.org/uploads/business/logo/29/HGV_Logo_Redesign18_Emblem_RGB.png
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb99b3f30797701d962ca5967dc11c7b27d48ac64ccd2b2cd6057f67ed176785

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:44:46 GMT
x-amz-version-id
null
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 26 Apr 2018 06:24:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
289278
etag
"c2512b9c19a1f622472fc0b5e1d4ea63"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3094
x-amz-cf-id
GIf6zE4Z2J_7dbnvI1YiWgGqlvwGvjZTxoAaQO6ugzKkosjHplN9ug==
dashboard-409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0.js
cdn1.onboard.org/assets/ 		4 MB
806 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/dashboard-409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0.js
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:28:13 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
70669
x-cache
Hit from cloudfront
content-length
823369
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700684894&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=honqOODI1Jzk9iwxdOnyHSHswqmWJRpGjc8XFvx7NSk%3D
last-modified
Wed, 22 Nov 2023 20:18:10 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700684894&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=honqOODI1Jzk9iwxdOnyHSHswqmWJRpGjc8XFvx7NSk%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
HzllmALum1MR6jnkz3R_bGO7ym4X-LWZTTib8mZGWSB25tX-X8tGCw==
roboto-v30-latin-ext_latin-regular.woff2
fonts.onboard.org/roboto/v30-latin-ext_latin/ 		0
0
angular-locale_de.min.js
cdn1.onboard.org/assets/i18n/angular/1.6.2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/i18n/angular/1.6.2/angular-locale_de.min.js
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/dashboard-409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 13:26:45 GMT
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Sep 2023 10:01:40 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
4588757
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
ChbIXjrDnNWB2Fzxjd1iJEqTS1QVr0DvIc7V8NC7P6mLmHSKBEq68A==
sign_in.json
hgv.onboard.org/de/users/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hgv.onboard.org/de/users/sign_in.json
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/dashboard-409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-Ef+e/NkY2yD0nL80BmVC+A=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
X-XSRF-TOKEN
BEDaFWXC1yYyN1mrUPlI5E0YE+zpCozjWuOiimMj9NLkwdNsFFqiFNFmbkb1OeO3c4AR8EWB67tgtYsParZyCQ==
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 16:06:02 GMT
Content-Security-Policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-Ef+e/NkY2yD0nL80BmVC+A=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700755563&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=T0XZz6eLWMVotEsOL8NfWOr9socLj6WuszdTu8PRMbE%3D
X-Request-Id
3b7be0d9-7f86-44f3-b308-d2cca4e5300f
X-Runtime
0.017684
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700755563&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=T0XZz6eLWMVotEsOL8NfWOr9socLj6WuszdTu8PRMbE%3D"}]}
Access-Control-Allow-Origin
https://hgv.onboard.org
Access-Control-Expose-Headers
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache
Content-Type
application/json; charset=utf-8
Vary
Origin
Primary Request /
hgv.onboard.org/ 		4 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/dashboard-409c10038e460f40a036c21603227aeb9047aa3080fa6fc9dc3a52aca51756a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
afe42c73bee3db303f670851f05b38a9bd8a34413dda36359d4e66474f9c9fac
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-MfB5FCcl/wSIvh+g8NhPTQ=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hgv.onboard.org/dashboard/targets/target-sheets/vGRqN748
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
3793
Content-Security-Policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-MfB5FCcl/wSIvh+g8NhPTQ=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 16:06:02 GMT
Etag
W/"afe42c73bee3db303f670851f05b38a9"
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700755563&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=T0XZz6eLWMVotEsOL8NfWOr9socLj6WuszdTu8PRMbE%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700755563&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=T0XZz6eLWMVotEsOL8NfWOr9socLj6WuszdTu8PRMbE%3D
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
fac94332-6058-4d08-9371-3fbd0fea9067
X-Runtime
0.016323
X-Xss-Protection
1; mode=block
roboto-v30-latin-ext_latin-regular.woff
fonts.onboard.org/roboto/v30-latin-ext_latin/ 		0
0
roboto.400,500.css
fonts.onboard.org/ 		3 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.onboard.org/roboto.400,500.css
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
168cc0fbedbaf31c82336870c2e525bafb3f8fccebbd01f6c375895e168c8b4f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
z0hBPOsYA3g5yiTeINiqHGsD4_IAiKWi
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 09:05:17 GMT
last-modified
Mon, 24 Oct 2022 11:16:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
25376
x-amz-server-side-encryption
AES256
etag
W/"a1fe496df24560297a09d898fd587283"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
OAGbWFK7mBDaWRp88gVHdEIFPTfmjSfb4DZk_qR7AUSJkpKgNCiHqA==
application-dfb10a67c7f6bd5957ed0300840b5a849bc37830646a8dff14dd03f93b71d6a8.css
cdn1.onboard.org/assets/ 		762 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/application-dfb10a67c7f6bd5957ed0300840b5a849bc37830646a8dff14dd03f93b71d6a8.css
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
7a524cf4ee8a2d414e1844615f60a22557bc3b764eb9028ae50b0a427bb91246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:31:09 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
840893
x-cache
Hit from cloudfront
content-length
90577
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1699914670&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WShLe89sX1P9jNZcEklwRJeTp%2FFpkJR6NSf11Uk%2F8dU%3D
last-modified
Mon, 13 Nov 2023 22:21:18 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699914670&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WShLe89sX1P9jNZcEklwRJeTp%2FFpkJR6NSf11Uk%2F8dU%3D"}]}
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
8T46jGsuLr7QqXoH0y0YbnC5Bq_bX5EMVTWuw9EKx6ox5ww0qcOVXg==
custom_css.css
cdn1.onboard.org/assets/businesses/hgv/ 		0
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/businesses/hgv/custom_css.css?t=1700045438
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-k0dfJu4+6DzbS9aEjaER8w=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:44:45 GMT
content-security-policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-k0dfJu4+6DzbS9aEjaER8w=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
289278
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700466285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=MPkeOyKR0SZnerZcX8R1wvPC%2B3rFhjKXPJ041fHTarQ%3D
x-request-id
dea12e64-1499-4541-884d-da132ba38306
x-runtime
0.006110
referrer-policy
strict-origin-when-cross-origin
server
Cowboy
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700466285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=MPkeOyKR0SZnerZcX8R1wvPC%2B3rFhjKXPJ041fHTarQ%3D"}]}
content-type
text/css; charset=utf-8
vary
Origin
cache-control
max-age=31556952, public
x-amz-cf-id
KMAEveaPG7zaG8psCVaA5gyHEoUhd18XCYX1a-obe4h9nydyxbqR6A==
welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
cdn1.onboard.org/assets/ 		1 MB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:40:55 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
69908
x-cache
Hit from cloudfront
content-length
391359
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700685655&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WCcZSdb0VfahhZnuiA6elhyf301u80oUOYLNCZdgMF0%3D
last-modified
Wed, 22 Nov 2023 20:18:10 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700685655&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=WCcZSdb0VfahhZnuiA6elhyf301u80oUOYLNCZdgMF0%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
hRACr1_sc6urOytAaxVPUzVfrW5TIQ81pm5Xj77KfoBrY--ZqMxfLw==
HGV_Logo_Redesign18_Emblem_RGB.png
cdn2.onboard.org/uploads/business/logo/29/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.onboard.org/uploads/business/logo/29/HGV_Logo_Redesign18_Emblem_RGB.png
Requested by
Host: hgv.onboard.org
URL: https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb99b3f30797701d962ca5967dc11c7b27d48ac64ccd2b2cd6057f67ed176785

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:44:46 GMT
x-amz-version-id
null
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 26 Apr 2018 06:24:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
289278
etag
"c2512b9c19a1f622472fc0b5e1d4ea63"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3094
x-amz-cf-id
5sVNBTjA5iqoqAbsQY81BGebDIwe9_F2XubfeN5xM0S27Rt45hbkOw==
roboto-v30-latin-ext_latin-regular.woff2
fonts.onboard.org/roboto/v30-latin-ext_latin/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.onboard.org/roboto/v30-latin-ext_latin/roboto-v30-latin-ext_latin-regular.woff2
Requested by
Host: fonts.onboard.org
URL: https://fonts.onboard.org/roboto.400,500.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c445c283da9a171eb4841f32cb343627ef480ed8c80c6dca83ef8287687e62f

Request headers

Referer
https://fonts.onboard.org/roboto.400,500.css
Origin
https://hgv.onboard.org
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:57:53 GMT
x-amz-version-id
jKBEr1TRQT0rAd_enPcTvg33h.HfCFKb
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
29291
x-cache
Hit from cloudfront
content-length
22560
last-modified
Mon, 24 Oct 2022 10:58:02 GMT
server
AmazonS3
etag
"1dfb815c0e707ba03fb3486d94881ca4"
vary
Origin
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
f2tpdfjV6coz6r1CxcmGpCYbAbyviwpXLYBCMz-y5DUBzTm3pDmvNg==
angular-locale_de.min.js
cdn1.onboard.org/assets/i18n/angular/1.6.2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/i18n/angular/1.6.2/angular-locale_de.min.js
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
3c215f995f6d4476d4007ff7612cf3dff4b3ea18198aa0206e3f6632b5085214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 13:26:45 GMT
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Sep 2023 10:01:40 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
4588758
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
LOPFxQDSSnDgoUgTyha-xX1kk9qy9YeRoBvNaBQFOWJeCE6PXDGsTg==
de.json
cdn1.onboard.org/assets/i18n/core/ 		34 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/i18n/core/de.json?v=312
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
a685e3d0d67d237954a02c2c02e63cb33bab3aa08f570a3dad899de1b2c2751a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://hgv.onboard.org/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:50:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur, 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
age
69338
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700686226&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=z%2F%2BsPi%2BB2JKEhooTE%2F2a8NG46437W2t1IDWHsqxIlq0%3D
last-modified
Wed, 22 Nov 2023 20:18:10 GMT
server
Cowboy
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700686226&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=z%2F%2BsPi%2BB2JKEhooTE%2F2a8NG46437W2t1IDWHsqxIlq0%3D"}]}
access-control-allow-origin
https://hgv.onboard.org
content-type
application/json
access-control-expose-headers
cache-control
public, max-age=31536000
vary
Accept-Encoding,Origin
x-amz-cf-id
FkS3BAzKYMO4d0Xjcx_6KbE9FlGY6mFUw-OkoxfuwKHkD4livpTXHA==
de.json
cdn1.onboard.org/assets/i18n/welcome/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn1.onboard.org/assets/i18n/welcome/de.json?v=312
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
bdbe8b89fcd6b77568494804c7cf0fa681001c723cf0e02cc8fde0c7e6a5d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://hgv.onboard.org/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:53:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur, 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
age
69172
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700686392&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2BiDvgdLj%2BG0Z2lbolAj8kFFJnOYbbVQ5h1%2F9MjR5aTk%3D
last-modified
Wed, 22 Nov 2023 20:18:10 GMT
server
Cowboy
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700686392&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2BiDvgdLj%2BG0Z2lbolAj8kFFJnOYbbVQ5h1%2F9MjR5aTk%3D"}]}
access-control-allow-origin
https://hgv.onboard.org
content-type
application/json
access-control-expose-headers
cache-control
public, max-age=31536000
vary
Accept-Encoding,Origin
x-amz-cf-id
Yyqa_fcEvWVtBafDCJ6982A637YD4QKbsXoLuoQ5AibVJA6qwGIuzQ==
welcome.json
hgv.onboard.org/de/api/v1/public/businesses/ 		22 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hgv.onboard.org/de/api/v1/public/businesses/welcome.json
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
96d8e9c8b1708782e2a2d8128f21eda52c394da904ebb4bf609e090b42676a8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-loRKxjtzqaaQiHN5joyptQ=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
X-XSRF-TOKEN
l3RPEkrOCqhk0QA4FDsZNJC8InFVuawQNAI+y2jAyAB39UZrO1Z/moeAN9Wx+7JnriQgbfkyy0gOVBdOYVVO2w==
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 16:06:03 GMT
Content-Security-Policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-loRKxjtzqaaQiHN5joyptQ=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
22023
X-Xss-Protection
1; mode=block
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700755564&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=vyLxQWW%2FbbH6aPMrE6lPwm3S4zrAF2SXeXsuOfhnST4%3D
X-Request-Id
b8eced54-0b8a-4a57-b535-5ab9569fcacd
X-Runtime
0.016017
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"96d8e9c8b1708782e2a2d8128f21eda5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700755564&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=vyLxQWW%2FbbH6aPMrE6lPwm3S4zrAF2SXeXsuOfhnST4%3D"}]}
Content-Type
application/json; charset=utf-8
Vary
Origin
Cache-Control
max-age=0, private, must-revalidate
faqs.json
hgv.onboard.org/de/api/v1/public/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hgv.onboard.org/de/api/v1/public/faqs.json
Requested by
Host: cdn1.onboard.org
URL: https://cdn1.onboard.org/assets/welcome-955b29af415f629eb696ea32e21480b8c6958c767d0f36f99ac3ab5008b5b1eb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
910df70c728264df26ed040e80276be7abb3967164e7c07873b3224506e16cee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-xzwGpmLiQ9ZOTgzCoEbdMw=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hgv.onboard.org/?url=%2Fdashboard%2Ftargets%2Ftarget-sheets%2FvGRqN748
X-XSRF-TOKEN
l3RPEkrOCqhk0QA4FDsZNJC8InFVuawQNAI+y2jAyAB39UZrO1Z/moeAN9Wx+7JnriQgbfkyy0gOVBdOYVVO2w==
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 16:06:03 GMT
Content-Security-Policy
default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-xzwGpmLiQ9ZOTgzCoEbdMw=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
1493
X-Xss-Protection
1; mode=block
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700755564&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=vyLxQWW%2FbbH6aPMrE6lPwm3S4zrAF2SXeXsuOfhnST4%3D
X-Request-Id
0bfba0b9-47bb-412b-a250-40e2b0c7a1c5
X-Runtime
0.014114
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"910df70c728264df26ed040e80276be7"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700755564&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=vyLxQWW%2FbbH6aPMrE6lPwm3S4zrAF2SXeXsuOfhnST4%3D"}]}
Content-Type
application/json; charset=utf-8
Vary
Origin
Cache-Control
max-age=0, private, must-revalidate
onboard-small.png
cdn1.onboard.org/assets/images/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.onboard.org/assets/images/logo/onboard-small.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
6b673dcfcc7f427f3421a79deeb1abe91034d639645fbf50446c729b4a4f1ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 04:17:57 GMT
via
1.1 vegur, 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 12 Jan 2023 11:16:40 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
27172086
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
content-length
1832
x-amz-cf-id
oRT2w6qAbvMwrjybbPkL-yFbLgq_UWZcQ4ay3hEoTWXfo90IK7Q7TQ==
HGV_Logo_Redesign18_Emblem_RGB.png
cdn2.onboard.org/uploads/business/logo/29/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.onboard.org/uploads/business/logo/29/HGV_Logo_Redesign18_Emblem_RGB.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb99b3f30797701d962ca5967dc11c7b27d48ac64ccd2b2cd6057f67ed176785

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:44:46 GMT
x-amz-version-id
null
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 26 Apr 2018 06:24:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
289279
etag
"c2512b9c19a1f622472fc0b5e1d4ea63"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3094
x-amz-cf-id
dO0T76NuE0jl4-bZUc7EnqbDNJqwVD9F86lLvjuO3EdALM50yK2aFQ==
default_background4.jpg
cdn2.onboard.org/uploads/business/background_image/29/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.onboard.org/uploads/business/background_image/29/default_background4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c2b02d3bf4fccd3b5b8292f5808f58ea96e502d994ac9f75ea49722a1fa5b7c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hgv.onboard.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:25:59 GMT
x-amz-version-id
null
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Fri, 17 May 2019 09:10:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
193205
etag
"aed7c2b7cd0fcef0032b313e44d8d7ca"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
179661
x-amz-cf-id
CbfitXNdYG0ztl5U7ImNGmE3mcXA-Y6jtymSSBp0pvT_wl8rc5KzNA==
roboto-v30-latin-ext_latin-500.woff2
fonts.onboard.org/roboto/v30-latin-ext_latin/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.onboard.org/roboto/v30-latin-ext_latin/roboto-v30-latin-ext_latin-500.woff2
Requested by
Host: fonts.onboard.org
URL: https://fonts.onboard.org/roboto.400,500.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f684d0da0d6fe90b95711213a5bc9431580b0ebecb864f8f8de30ad70eb64559

Request headers

Referer
https://fonts.onboard.org/roboto.400,500.css
Origin
https://hgv.onboard.org
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
ilRuHvxYssZTDMWpX5QjTt.4Epi.8MJK
date
Thu, 23 Nov 2023 07:57:55 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
29290
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22648
last-modified
Mon, 24 Oct 2022 10:57:55 GMT
server
AmazonS3
etag
"6cad9967814c821174259b5dfa364550"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
BevXkZT2vThRzE2FVon6Xso2UUROHEmGPuidsLPu38jtsJcpAKYhQQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.onboard.org
URL
https://fonts.onboard.org/roboto/v30-latin-ext_latin/roboto-v30-latin-ext_latin-regular.woff2
Domain
fonts.onboard.org
URL
https://fonts.onboard.org/roboto/v30-latin-ext_latin/roboto-v30-latin-ext_latin-regular.woff

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| DialogController function| RecaptchaDialogController function| msNavigationServiceProvider function| MsNavigationController function| msNavigationDirective function| MsNavigationNodeController function| msNavigationNodeDirective function| msNavigationItemDirective function| msNavigationHorizontalDirective function| MsNavigationHorizontalNodeController function| msNavigationHorizontalNodeDirective function| msNavigationHorizontalItemDirective function| isMobile function| convertDateStringsToDates function| SuccessDialogController function| GuidelineDialogController function| TfaActivationSuccessDialogController function| ForgotOtpDialogController function| RegisteredDialogController object| ngFileUpload object| regexIso8601 function| $ function| jQuery function| moment object| angular function| _ object| ngMaterial object| ahoy string| _OMNIAUTH_FACEBOOK_KEY string| _OMNIAUTH_LINKEDIN_KEY string| _ASSET_HOST string| _FACEBOOK_PAGE_NAME string| _RECAPTCHA_PUBLIC_KEY string| _LANGUAGE object| jQuery112407582416745352423

2 Cookies

Domain/Path Name / Value
hgv.onboard.org/ Name: XSRF-TOKEN
Value: K3DZNrsPsvfGUk65tShRohvtoCdGkIHTO%2BYm4lsJ37PL8dBPypfHxSUDeVQQ6PrxJXWiO%2Bob5osBsA9nUpxZaA%3D%3D
hgv.onboard.org/ Name: _onboard_session
Value: QnlSYXByeHFtTDB5WWJJMm9vQkRuU2tBaFloNlRVUnluclU0emszR0JZN1lpY1psYkpJQklvWXVEcXc5T0xWMVR2bmJnbUxOY3ByQUdYSkJYaUI3VTh2clRXRXBRY2Q1Vm5GMFBKZzN1RGVhZTlQNE9GcmliNnVyUHJMOUhzU01MSlVuZDh2eXcwL3p3SGVhUUhXV2h3PT0tLW5qckNPT1kyUW11RFR5ZW5HcjIyZXc9PQ%3D%3D--7b0f153ab556e315b4b8a772992482e09f68c669

1 Console Messages

Source Level URL
Text
network error URL: https://hgv.onboard.org/de/users/sign_in.json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.onboard.org; font-src 'self' data: https://*.onboard.org https://fonts.gstatic.com https://fonts.onboard.org; img-src 'self' data: https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://i.ytimg.com https://www.dropbox.com https://*.dl.dropboxusercontent.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://*.onboard.org https://polyfill.io https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.recaptcha.net 'nonce-RUi0vD8nbz4FtpzfT2kXPg=='; style-src 'self' 'unsafe-inline' https://*.onboard.org https://fonts.googleapis.com https://www.gstatic.com https://fonts.onboard.org; frame-src 'self' https://*.onboard.org https://www.youtube.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.recaptcha.net; connect-src 'self' https://*.onboard.org wss://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://www.facebook.com https://www.recaptcha.net https://yousign.app; form-action 'self' https://*.onboard.org https://onboard-live.s3.eu-west-1.amazonaws.com https://yousign.app; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block